Discussions
Stay up-to-date with the latest news from NetSuite. You’ll be in the know about how to connect with peers and take your business to new heights at our virtual, in-person, on demand events, and much more.
New AI Community Guidelines. Please review and follow them to ensure AI use stays safe, accurate, and compliant.
Update: Narrative Insights has been restored and is now available.
Narrative Insights is Temporarily Unavailable due to an Infrastructure Issue. Learn how This Impacts Your Account and What to Expect While the Feature is Disabled.
Narrative Insights is Temporarily Unavailable due to an Infrastructure Issue. Learn how This Impacts Your Account and What to Expect While the Feature is Disabled.
Security Concerns with RESTlets
Let's get the positive things out of the way first. RESTlets are great from the point of view of they're a web standard. Yay!
Now for the bad news.
RESTlets require a full set of NetSuite credentials to be forwarded to NetSuite in plain text with every request. "But HTTPS!" I hear the masses cry; that's all well and good until you consider the need to store those credentials somewhere (again, in plain text) to be sent with each of those requests. :h_a_w:
I'm not altogether comfortable with putting a full set of NetSuite login credentials into a database, or flat file, or some other means of storage that has to be accessible (by necessity) by my applications that I want to integrate using REST.
0