Showing results for 
Search instead for 
Did you mean: 

How do I provide a valid OAuth/NLAuth authorization header for NetSuite?


How do I provide a valid OAuth/NLAuth authorization header for NetSuite?

Being new to NetSuite and Post Man, I wanted to get my very first RESTlet up and working using Token Based Authentication which I have already set up, therefore I have:

  • Account ID
  • Application ID
  • Consumer Key
  • Consumer Secret
  • Token ID
  • Token Secret

This particular role designated already has Web Services only checkbox ticked as it was indicated in a few guides I followed.

I am currently experimenting tests through my Post Man REST Client by inserting my RESTlet's external URL into the address bar, included the following header keys and their values: (Using the format > Key: Value)

Content-Type: application/json
Authorization: OAuth realm="###",oauth_consumer_key="###",oauth_token="###",oauth_signature_method="HMAC-SHA256",oauth_timestamp="?????",oauth_nonce="?????",oauth_version="1.0",oauth_signature="?????"

I already replaced the hashes ### with my NetSuite provided information, however anything marked with question marks ??? are generated using php code . (Sensitive information were intentionally removed and left blank on here)

As a result, I received a 403 Forbidden error ("InvalidSignature" on our saved search Login Audit)

    "error": {
    "message": "Invalid login attempt."


As an alternative, I have used NLAuth approach instead to no success:

NLAuth nlauth_account=#####, nlauth_email=###@###.###, nlauth_signature=######

Where the hashes contain my account ID, related email address and the password respectively. I have also tried nlauth_otp containing my usual 6-digit pass code from my authentication application.


Regardless, I received a 401 Unauthorized error (< Blank > on our saved search Login Audit)

"error": {
    "code": "TWO_FA_REQD",
    "message": "Two-Factor Authentication required"

Since this is my first RESTlet, I was attempting to display product inventory from NetSuite to products stored on Magento.


In terms of researching done within Magento DevDocs, I have followed DevDocs and created an instance of an Integration API with the intent of being able to link more content to and from NetSuite and Magento in the future.


I admit I am leaving something out unintentionally or have forgotten a step somewhere before here. Any help would much be appreciated.