After Netsuite’s 2018.2 update all users with admin permissions are required to use 2 factor authentication and all integration users with admin permissions are required to use OAuth. If you are trying to connect to Netsuite with a python app and have to use OAuth I recommend the netsuite library. This is the only library I found that worked with OAuth. It also has some additional functionality I will get into at another time.
Connecting to Netsuite using it is relatively simple. You will need your Netsuite Consumer Key, Consumer Secret, Token Id, Token Secret and Netsuite Account Number. You will have gotten the Consumer Key and Consumer Secret when you set up the user.
If you do not remember them you can go to Setup > Integration > Integration Management > Manage Integrations. From there select the integration user you want, click edit and then reset credentials. The Consumer Key and Secret will be your Consumer Key and Secret for that user in both Production and Testing environments.
To get your Token Id and Token Secret go to the Netsuite homepage and in the Setting section select Manage Access Tokens. Once there click ‘New My Access Token’. Once you have created the new Access Token it will display the Token Id and Token Secret. This screen is the only time Netsuite will display these. If you lose them you will have to create a new Access Token. Your Token Id and Token Secret will be different between Production and Sandbox. Every time you refresh your Sandbox you will need to create a new Sandbox Access Token.
To get your Account Id go to Setup > Integration > Web Services Preferences. Your Account Id will be displayed in the ACCOUNT ID field. A production Account Id is just a number. The sandbox Account Id is that number followed by _SB1. If you have more than one sandbox I assume the number after SB will change.
In your python code format these into a dictionary object like the one below.
creds = {'config':
{'account': Account Id,
'Consumer_key': Consumer Key,
'Consumer_secret': Consumer Secret,
'Token_id': Token Id,
'Token_secret': Token Secret}
}
Then to create your client:
From netsuite import client
ns_client = client.NetSuite(**creds, sandbox=False, version=’2017.2.0’)
This client will ingest the Netsuite WSDL for you to access and sign any request you send to Netsuite through it using OAuth.
Why is sandbox=False set?
Netsuite changed how it handles sandboxes. It used to have two different URLs, but now you switch between production and sandbox using the dropdown in the top right. I believe this is why the sandbox boolean in this library does not work. Regardless if you always have sandbox=False you should not run into issues here. The Account Id is what will differentiate between Sandbox and Production.
Why is version ‘2017.2.0’ specified:
There is also an issue with this plugin that it currently only supports the 2017.2 version of SuiteTalk. This is because 2017.2 is hard coded into the OAuth signature creation. There is currently a fix waiting for approval, but the creator has not had time to verify it yet. If you need to use a version other than 2017.2 just download the library and make the modifications in the pull request yourself.
You now have a Netsuite client that uses zeep and will sign requests with OAuth. Another time I will write up integrating with Netsuite using zeep and the netsuite library. To be very brief you can use this library to send requests to netsuite by creating the correct zeep object from the netsuite WSDL and specifying the method. For example:
ns_client.request(‘get’, data)