NetSuite
⚠️
To be released in
next-auth@5.0.0-beta.18Resources
- NetSuite - Creating an Integration Record (OAuth 2.0)
- NetSuite - Authorizing OAuth Requests
- NetSuite - Configure OAuth Roles
- Learn more about NetSuite OAuth 2.0
Setup
Callback URL
https://example.com/api/auth/callback/netsuiteNetSuite does not support
http://callback URLs. When testing locally, you can use a service like ngrok to get a localhttpsURL.
Environment Variables
AUTH_NETSUITE_ID
AUTH_NETSUITE_SECRET
AUTH_NETSUITE_ACCOUNT_ID
Configuration
Before setting up the provider, you will need to ensure the following is setup.
- Create an Integration Record
- Uncheck the TBA Auth Flow checkbox.
- Check OAuth 2.0 Auth Flow checkbox.
- Copy and paste the
Callback URLbelow into theRedirect URIfield. - Then select the scope(s) you want to use.
- REST Web Services (
rest_webservices) - Access to REST Web Services. - RESTlets(
restlets) - Access to RESTLets. - SuiteAnalytics Connect (
suiteanalytics_connect) - Access to SuiteAnalytics Connect.
- REST Web Services (
- Add any policies you want to use.
- Application Logo (Optional) (Shown to users when they are asked to grant access to your application). - Consent Screen
- Application Terms of Use (Optional) - A PDF file that contains the terms of use for your application. - Consent Screen
- Application Privacy Policy (Optional) - A PDF file that contains the privacy policy for your application. - Consent Screen
- OAuth 2.0 Consent Policy Preference - This setting determines whether the user is asked to grant access to your application every time they sign in or only the first time they sign in or never.
- Save the Integration record.
- The Integration record will be used to generate the
clientIdandclientSecretfor the provider. Save the generated values for later
Userinfo RESTLet Handler
To use this provider, you’ll need to create a userinfo RESTlet in your NetSuite instance.
Our userinfo URL needs to be a suitelet or RESTLet URL that gives us the
information about the user. The best bet is to use the N/runtime module to
get the basics first. - Here is an example of a RESTlet below. Be sure to
deploy and enable access to “All Roles”.
Be sure to deploy and use the external RESTLet url of any usage of the URIs.
/**
* @NApiVersion 2.1
* @NScriptType Restlet
*/
define(["N/runtime"],
(runtime) => {
/**
* Defines the function that is executed when a GET request is sent to a RESTlet.
* @param {Object} requestParams - Parameters from HTTP request URL; parameters passed as an Object (for all supported
* content types)
* @returns {string | Object} HTTP response body; returns a string when request Content-Type is 'text/plain'; returns an
* Object when request Content-Type is 'application/json' or 'application/xml'
* @since 2015.2
*/
const get = (requestParams) => {
let userObject = runtime.getCurrentUser();
try {
log.debug({ title: "Payload received:", details: requestParams });
const { id, name, role, location, email, contact } = userObject;
log.audit({ title: "Current User Ran", details: name });
let user = {
id,
name,
role,
location,
email,
contact,
};
log.debug({ title: "Returning user", details: user });
return JSON.stringify(user);
} catch (e) {
log.error({ title: "Error grabbing current user:", details: e });
}
};
return {
get,
};
);Above is an example of returning the basic runtime information. Be sure to create a new script record and deployment record. When you save the deployment record, you will get the URLs for your RESTlet, which we will use as the userinfo URL.
Example Usage
@auth.ts
import NextAuth from "next-auth"
import NetSuite from "next-auth/providers/netsuite"
export const { handlers, auth, signIn, signOut } = NextAuth({
providers: [
NetSuite({
clientId: process.env.AUTH_NETSUITE_ID,
clientSecret: process.env.AUTH_NETSUITE_SECRET,
issuer: process.env.AUTH_NETSUITE_ACCOUNT_ID, // EX: TSTDRV1234567 or 81555 for prod, and 1234567-SB1 for Sandbox accounts not "_" use "-".
// Returns the current user using the N/runtime module. This url can be a suitelet or RESTlet (Recommended)
// Using getCurrentUser(); So we match this schema returned from this RESTlet in the profile callback. (Required)
userinfo:
"https://1234567.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=123&deploy=1",
// Optional
prompt: "login", // Required if you want to force the user to login every time.
scope: "restlets", // Optional defaults to "restlets rest_webservices". Enter the scope(s) you want to use followed by spaces.
}),
],
})