
How to get your NetSuite API Key

Get your NetSuite API credentials in under 10 minutes with step-by-step instructions for both Token-Based Authentication and OAuth 2.0, plus the common mistakes that will waste your afternoon.

Saurabh Rai


What's NetSuite?

NetSuite is Oracle's cloud-based ERP system that runs your entire business: accounting, inventory, CRM, e-commerce, the works. Companies use it when QuickBooks isn't cutting it anymore and they need real enterprise resource planning. If you're reading this, you probably need to pull data from NetSuite or push data into it programmatically. That means you need API access. Here's how to get it in under 10 minutes.

Prerequisites

  • NetSuite account with Administrator or Integration Application Developer role
  • Know which integration method you need (Token-Based Authentication or OAuth 2.0)

Method 1: Token-Based Authentication (TBA)

Step 1: Enable Token-Based Auth

Navigate to Setup → Company → Enable Features → SuiteCloud tab. Check these boxes:

  • Client SuiteScript
  • Server SuiteScript
  • Token-Based Authentication

Hit Save. No debate needed.

Step 2: Create Integration Record

Setup → Integration → Manage Integrations → New

Fill this out:

  • Name: Whatever helps you identify this later (e.g., "Production API Integration")
  • State: Enabled
  • Token-Based Authentication: Check it
  • TBA: Authorization Flow: Uncheck (unless you need user consent flow)

Save it. NetSuite shows you the Consumer Key and Consumer Secret once. Copy them now or lose them forever.

Step 3: Generate Access Token

Setup → Users/Roles → Access Tokens → New

Select:

  • Application Name: Your integration from Step 2
  • User: The user account for API access
  • Role: Pick one with necessary permissions

Click Save. Copy the Token ID and Token Secret immediately.

Step 4: Test Your Keys

Make a test API call to any endpoint with your OAuth credentials. If you get data back, you're golden. If not, check your role permissions.

Method 2: OAuth 2.0 (Newer, Cleaner)

Step 1: Create OAuth 2.0 Client

Setup → Integration → OAuth 2.0 Clients → New

Required fields:

  • Name: Something descriptive
  • Entity: Select your subsidiary/company
  • Role: Pick the integration role
  • Redirect URI: Your app's callback URL
  • Scopes: Select what you need (restlets, rest_webservices, or suiteanalytics_connect)

Save. Note your Client ID and Client Secret.

Step 2: Get Authorization Code

Send users to the NetSuite authorization endpoint with your Client ID, redirect URI, and required scopes. Format: https://[ACCOUNT_ID].app.netsuite.com/app/login/oauth2/authorize.nl

Step 3: Exchange Code for Token

POST the authorization code to NetSuite's token endpoint with your client credentials. You get back access_token and refresh_token. Store them securely.

Common Screwups to Avoid

  1. Wrong Account ID: It's not your email. Find it at Setup → Company → Company Information. Format: TSTDRV1234567 or 1234567_SB1

  2. Role Permissions: Your token inherits the role's permissions. No permissions = useless token. Check Setup → Users/Roles → Manage Roles

  3. Sandbox vs Production: They have different account IDs. Don't mix them up like a rookie.

  4. Token Expiration: OAuth 2.0 tokens expire (default 60 minutes). Implement refresh token rotation, or you'll be debugging at 2 AM.

  5. Rate Limits: NetSuite has concurrent request governance. Hit it too hard = 429 errors. Implement exponential backoff.
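Items 4 and 5 in code, as an added example that is not from the original post: a token holder that refreshes shortly before expiry, and a retry loop that backs off exponentially with jitter on 429. The `refresh` and `send` callables are hypothetical stand-ins for your own token-refresh and HTTP code.

```python
import random
import time


class TokenStore:
    """Holds an OAuth 2.0 access token and refreshes it shortly before expiry."""

    def __init__(self, refresh, clock=time.monotonic, skew=60):
        self._refresh = refresh      # hypothetical callable -> (access_token, expires_in_seconds)
        self._clock = clock
        self._skew = skew            # refresh this many seconds before expiry
        self._token, self._expires_at = None, 0.0

    def get(self):
        if self._token is None or self._clock() >= self._expires_at - self._skew:
            self._token, ttl = self._refresh()
            self._expires_at = self._clock() + ttl
        return self._token


def call_with_backoff(send, tokens, max_attempts=5, base=1.0, cap=30.0,
                      sleep=time.sleep, rng=random.random):
    """Retry on HTTP 429 with capped exponential backoff and full jitter."""
    for attempt in range(max_attempts):
        status, body = send(tokens.get())   # hypothetical transport -> (status, body)
        if status != 429:
            return status, body
        if attempt < max_attempts - 1:
            # wait a random fraction of base * 2^attempt, never more than cap seconds
            sleep(rng() * min(cap, base * 2 ** attempt))
    return status, body
```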

NetSuite Guides for Integration

Now that you've got your API keys, the following guides will help you get started with NetSuite API integration.

  1. https://www.apideck.com/blog/integrating-with-the-netsuite-rest-api#why-the-netsuite-rest-api-matters
  2. https://www.apideck.com/blog/guide-to-integrating-with-the-netsuite-soap-api#why-the-netsuite-soap-api-is-important

Managing NetSuite API connectivity with Apideck's Vault

If you want to integrate with NetSuite and other accounting systems, managing API connections can be challenging. You can use Apideck to connect to accounting applications. Apideck's Vault allows for:

  • Secure credential storage with automatic token refresh - No need to build token management infrastructure or handle OAuth flows manually.
  • Pre-built authentication UI - Embedded Vault components handle credential input and OAuth authorization without custom UI development.
  • Centralized connection monitoring - Track connection states, validate credentials, and manage multiple accounting platforms from a single dashboard.

And here's how you can easily connect and manage permissions for your API Access.

Provide your NetSuite Account ID, Consumer Key, Consumer Secret, and the other credentials, and you can then connect and manage your API connection via the Vault. If you don't know how to get these fields, please check out our detailed guide here.
