I’m trying to setup the Oauth 2.0 authentication Machine to machine in Postman to get an access token for Netsuite.
Postman => Netsuite
I already have created TBA (Oauth 1.0) issue token endpoint and 3ways flow.
I also already have created code that were using Oauth 2.0 Authorization code grant flow.
But this time I can’t manage to successfully get the access token
I followed the documentation regarding the connection, but I always get invalid_request.
Here is the documentation:
- https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_162755359851.html#subsect_162756331633.
- https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_162686838198.html#subsect_162686947286.
- https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_162790605110.html.
I have created the integration, the certificates and the mapping.
I also have compared the JWT created with the help of https://jwt.io/#debugger-io and it work well.
But while sending the request with Postman, it said that this is an invalid request.
Here is the pre-request script in Postman:
const CryptoJS = require('crypto-js');
const CERTIFICATE_ID = pm.environment.get("CERTIFICATE_ID");
const CLIENT_ID = pm.environment.get("CLIENT_ID");
const ACCOUNT_ID = pm.environment.get("ACCOUNT_ID");
const AUD = "https://" + ACCOUNT_ID + ".suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token";
const SIGNATURE_CERTIFICATE = pm.environment.get("SIGNATURE_CERTIFICATE");
let iat = Date.now();
let interval = 1000 * 60 * 30;
let exp = iat + interval;
iat = Math.floor(iat / 1000);
exp = Math.floor(exp / 1000);
let grant_type = "client_credentials";
let client_assertion_type = "urn:ietf:params:oauth:client-assertion-type:jwt-bearer";
let client_assertion_type_encoded = encodeURIComponent(client_assertion_type)
let client_assertion = "";
let header;
let header_encoded;
let payload;
let payload_encoded;
let signature;
// 1) Create the header
header = {
typ : "JWT",
alg : "ES256",
kid : CERTIFICATE_ID
}
// 2) Encode the header
header_encoded = base64url(CryptoJS.enc.Utf8.parse(JSON.stringify(header)))
// 3) Create the paypload
payload = {
"iss" : CLIENT_ID,
"scope" : "rest_webservices",
"aud" : AUD,
"exp" : exp,
"iat" : iat
}
// 4) Encode the payload
payload_encoded = base64url(CryptoJS.enc.Utf8.parse(JSON.stringify(payload)))
// 5) Create the signature
signature = base64url(CryptoJS.SHA256(SIGNATURE_CERTIFICATE, header_encoded + "." + payload_encoded))
// 6) Merge the information to create the client assertion
client_assertion = header_encoded + "." + payload_encoded + "." + signature
// 7) Update the variable
// post_parameter = "grant_type=" + grant_type + "&client_assertion_type=" + client_assertion_type + "&client_assertion=" + client_assertion
pm.environment.set("GRANT_TYPE", grant_type);
pm.environment.set("CLIENT_ASSERTION_TYPE", client_assertion_type_encoded);
pm.environment.set("CLIENT_ASSERTION", client_assertion)
// pm.environment.set("CONCATENED_PARAMS", post_parameter);
console.log("URL encoded values", {
grant_type, client_assertion_type, client_assertion
})
function base64url(source) {
// Encode in classical base64
encodedSource = CryptoJS.enc.Base64.stringify(source)
// Remove padding equal characters
encodedSource = encodedSource.replace(/=+$/, '')
// Replace characters according to base64url specifications
encodedSource = encodedSource.replace(/+/g, '-')
encodedSource = encodedSource.replace(///g, '_')
return encodedSource
}
Did I miss something?