-
-
Save michoelchaikin/2a4916e0917aa0f79b8eb9d7fe275363 to your computer and use it in GitHub Desktop.
/* | |
Usage: | |
1. Define a NetSuite environment in Postman (https://www.getpostman.com/docs/postman/environments_and_globals/manage_environments) | |
with the following keys set: account, consumerKey, consumerSecret, tokenId, tokenSecret | |
2. Add this script to your "Pre Request Script" in Postman (https://www.getpostman.com/docs/postman/scripts/pre_request_scripts) | |
3. Add the Token Passport in your request with variable placeholders | |
<tokenPassport xmlns="urn: messages_2017_2.platform.webservices.netsuite.com" xmlns:ns1="urn:core_2017_2.platform.webservices.netsuite.com"> | |
<ns1:account>{{account}}</ns1:account> | |
<ns1:consumerKey>{{consumerKey}}</ns1:consumerKey> | |
<ns1:token>{{tokenId}}</ns1:token> | |
<ns1:nonce>{{nonce}}</ns1:nonce> | |
<ns1:timestamp>{{timestamp}}</ns1:timestamp> | |
<ns1:signature algorithm="HMAC-SHA1">{{signature}}</ns1:signature> | |
</tokenPassport> | |
*/ | |
let account = pm.environment.get("account"); | |
let consumerKey = pm.environment.get("consumerKey"); | |
let consumerSecret = pm.environment.get("consumerSecret"); | |
let tokenId = pm.environment.get("tokenId"); | |
let tokenSecret = pm.environment.get("tokenSecret"); | |
let timestamp = new Date().getTime().toString().substring(0, 10); | |
let nonce = CryptoJS.lib.WordArray.random(10).toString(); | |
let baseString = `${account}&${consumerKey}&${tokenId}&${nonce}&${timestamp}`; | |
let key = `${consumerSecret}&${tokenSecret}`; | |
let signature = CryptoJS.HmacSHA1(baseString, key).toString(CryptoJS.enc.Base64); | |
pm.environment.set("signature", signature); | |
pm.environment.set("nonce", nonce); | |
pm.environment.set("timestamp", timestamp); |
There's a typeo in line 17, causing a "1" to be appended to the signaure:
<ns1:signature algorithm="HMAC-SHA1">{{signature}}1</ns1:signature>
should be:
<ns1:signature algorithm="HMAC-SHA1">{{signature}}</ns1:signature>
Thanks for catching that. I've fixed it in the gist.
New to Postman and was stumped about how to use TBA with NetSuite/Postman. This works perfectly; thanks very much.
New to Postman and was stumped about how to use TBA with NetSuite/Postman. This works perfectly; thanks very much.
😄 Just stumbled on your write up here - https://blog.zuar.com/netsuite-api-exploring-soap/. It's really clear and easy to follow
Can we Replace the Algorithm from HmacSHA1 to HmacSHA256 in the XML part and the custom code we use?
@michoelchaikin @kheast would either of you happen to have a working example of sending a soap request via Postman to the SuiteTalk API? I'v been struggling to get past the SOAPAction header. Here's my full Post sample:
POST https://myaccount.suitetalk.api.netsuite.com/services/netsuiteport_2017_2
POST /services/netsuiteport_2017_2 HTTP/1.1
SOAPAction: getAll
Content-Type: text/xml
User-Agent: PostmanRuntime/7.36.0
Accept: /
Postman-Token: 4002c99b-c3f2-403f-8830-1132012d9e0e
Host: myaccount.suitetalk.api.netsuite.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Content-Length: 827
<soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/">
<soap-env:Header>
<tokenPassport>
<account>*******</account>
<consumerKey>*******</consumerKey>
<token>*******</token>
<nonce>bf8fa7d3a371d8309ceb</nonce>
<timestamp>1703358149</timestamp>
<signature algorithm="HMAC-SHA256">+NLBYMTJxjoDWctCA4hpujOsdr4TaMboj2wH1irOPQ7=</signature>
</tokenPassport>
</soap-env:Header>
<soap-env:Body>
<getAll xmlns="urn:messages_2017_1.platform.webservices.netsuite.com">
<record recordType="currency"/>
</getAll>
</soap-env:Body>
</soap-env:Envelope>
and the response:
HTTP/1.1 500 Internal Server Error
Content-Type: text/xml;charset=utf-8
Content-Length: 771
X-N-OperationId: 1b3d5a1d-f30e-4853-b79a-6215ef92e70e
NS_RTIMER_COMPOSITE: 1765551851:706172746E6572733232302E70726F642D6961642D6E6132302E636F72652E6E732E696E7465726E616C:80
Strict-Transport-Security: max-age=31536000
Vary: User-Agent
Date: Sat, 23 Dec 2023 19:02:30 GMT
Connection: close
Akamai-GRN: 0.65a83817.1703358150.1a28d3ba
</ns3:stackTrace><ns4:hostname xmlns:ns4="http://xml.apache.org/axis/">partners220.prod-iad-na20.core.ns.internal</ns4:hostname></soapenv:Fault></soapenv:Body></soapenv:Envelope>
There's a typeo in line 17, causing a "1" to be appended to the signaure:
should be: