Get certified in Microsoft Fabric—for free! For a limited time, the Microsoft Fabric Community team will be offering free DP-600 exam vouchers. Prepare now
Good Day,
With the help of Netsuite consultants, i manually coping the temp auth token key i can access Netsuite from API
I am trying to generate the authenticaion token, i was informed i need the assertion param value that postman uses as an example
1. The below is the javascript but how do i translate this to powerquery function?
pm.collectionVariables.set('companyId', pm.collectionVariables.get("NSCOMPID"));
var navigator = {}; // necessary as part of "eval" on jsrsasign lib
var window = {}; // necessary as part of "eval" on jsrsasign lib
eval(pm.globals.get("jsrsasign-js")); // grabbing jsrsasign lib, loaded in separate GET
const cryptojs = require('crypto-js'); // using crypto js for base64 encoding
// Create JWT header
var jwtHeader = {
alg: 'PS256', // Using PS256, which is one of the algorithms NetSuite supports for client credentials
typ: 'JWT',
kid: pm.collectionVariables.get("KID") // Certificate Id on the client credentials mapping
};
var stringifiedJwtHeader = JSON.stringify(jwtHeader);
console.log('jwtHeader: ' + stringifiedJwtHeader);
// Create JWT payload
var jwtPayload = {
iss: pm.collectionVariables.get("CONSUMER_KEY"), // consumer key of integration record
scope: ['restlets','rest_webservices'], // scopes specified on integration record
iat: (new Date() / 1000), // timestamp in seconds
exp: (new Date() / 1000) + 3600, // timestamp in seconds, 1 hour later, which is max for expiration
aud: pm.collectionVariables.get("RESTLET_URL")
};
var stringifiedJwtPayload = JSON.stringify(jwtPayload);
console.log('jwtPayload: ' + stringifiedJwtPayload);
// The secret is the private key of the certificate loaded into the client credentials mapping in NetSuite
var secret = pm.collectionVariables.get("CERTIFICATE_PRIVATE_KEY");
console.log('secret: ' + secret);
var encodedSecret = cryptojs.enc.Base64.stringify(cryptojs.enc.Utf8.parse(secret)); // we need to base64 encode the key
// Sign the JWT with the PS256 algorithm (algorithm must match what is specified in JWT header).
// The JWT is signed using the jsrsasign lib (KJUR)
var signedJWT = KJUR.jws.JWS.sign('PS256',stringifiedJwtHeader,stringifiedJwtPayload,secret);
// The signed JWT is the client assertion (encoded JWT) that is used to retrieve an access token
pm.collectionVariables.set('clientAssertion', signedJWT);
2. Below is my WIP version but im missing the javascript library that postman uses and the KID Param values etc,
let
// Define your client ID and client secret
clientId = "a0a...",
clientSecret = "1b3c...",
// Construct the assertion payload
assertionPayload = [
iss = clientId,
sub = clientId,
aud = "https://xxx.suitetalk.api.netsuite.com",
exp = Number.ToText(Number.Round(DateTimeZone.FixedLocalNow() + #duration(0,0,1,0))),
iat = Number.ToText(Number.Round(DateTimeZone.FixedLocalNow()))
],
// Convert the assertion payload to JSON
assertionPayloadJson = Json.FromValue(assertionPayload),
// ConvertToBinary
encodedPayload = Binary.ToText(assertionPayloadJson, BinaryEncoding.Base64),
// Construct the assertion header
assertionHeader = [
alg = "MII...",
typ = "JWT"
],
// Convert the assertion header to JSON
assertionHeaderJson = Json.FromValue(assertionHeader),
// Encode the header to base64
encodedHeader = Binary.ToText(assertionHeaderJson, BinaryEncoding.Base64),
// Concatenate the encoded header, payload, and signature
assertion = encodedHeader & "." & encodedPayload,
// Sign the assertion using the client secret
signedAssertion = assertion & "." & ""
in
signedAssertion
Please Help, Any ideas or links of someone doing this before
Hi @icassiem
A Client_Assertion token is typically used in server-to-server authentication scenarios. It's a way for an application (client) to authenticate itself to a server (like Microsoft Entra ID or Azure AD) using a signed JWT token (the assertion) instead of a client secret. This method is more secure and is particularly useful when you want to avoid storing secrets in your application.
Here are links about how to create the token for your reference:
Generate an embed token in Power BI embedded analytics - Power BI | Microsoft Learn
Best Regards
Zhengdong Xu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Hi thank you @v-zhengdxu-msft
Do I have to create an entrai d by registering netsuite api with azure?
I tied something similar where I ussed powerbi api and required reg the api in azure for service principal only for partner and admin struggling for days saying bit was not possible
Is there no other option than reg netsuite with azure?
Check out the October 2024 Power BI update to learn about new features.
Learn from experts, get hands-on experience, and win awesome prizes.