Netsuite Integration Setup

Last updated: September 15, 2025

Netsuite OAuth Client Credentials​

Connecting to NetSuite using Client Credentials (JWT) To make API requests to NetSuite on your behalf, you will need to configure an OAuth 2.0 app with JWT option. NetSuite's OAuth 2.0 documentation provides detailed steps for setting this up. OAuth Client Credentials Setup documentation details the steps that need to be taken.

As an administrator, you will need to:

  1. Enable SuiteTalk

    • Navigate to Setup > Company > Enable Features

    • Under the Suite Cloud tab, ensure that both REST WEB SERVICES and OAUTH 2.0 are checked.

  2. To Create an OAuth 2.0 app with JWT Option

    • Go to Setup > Integration > Manage Integrations > New

    • Give your integration a name and a description.

    • Un-check TOKEN-BASED AUTHENTICATION and TBA: AUTHORIZATION FLOW under Token-based Authentication

    • Ensure the following are checked under OAuth 2.0

      • REST WEB SERVICES

      • CLIENT CREDENTIALS (MACHINE TO MACHINE) GRANT

    • Enable REST WEB SERVICES under SCOPE

    • Take note of and save your CONSUMER KEY and CONSUMER SECRET as it will not be shown again in Netsuite after this step

  3. Generating the Certificate ID and Private Key for JWT

    • A private key is required for JWT-based authentication. Follow the steps below or refer to the NetSuite Documentation for generating or importing a private key.

    • On your machine create a valid certificate abiding by the Netsuite requirements using OpenSSL in a terminal. This will generate .pem files on your local machine containing key used as the Private Key for JWT information and the certificate for the next step

      openssl req -x509 -newkey rsa:4096 -sha256 -keyout auth-key.pem -out auth-cert.pem -nodes -days 730

    • In Netsuite, navigate to Setup > Integration > OAUTH 2.0 CLIENT (M2M) SETUP and select Create New

    • Choose the proper Entity, Role, and select the Application created in the previous section.

    • For Certificate choose the the public key you create - that is the auth-cert.pem file that was generated in the above openssl steps.

    • Once saved, a Certificate ID is generated. Save this for the Prismatic integration.

We will need Consumer ID (Client ID), Consumer Secret (Client Secret), Certificate ID (Key ID), Private Key for JWT, Scopes & Token URL. These can be emailed to success@cofactr.com