Versions Compared

Old Version 9

changes.mady.by.user Marco Palella

Saved on

compared with

New Version Current

changes.mady.by.user Mike (Bin) Li

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info

Note: Netsuite does not provide an out of the box REST API. A REST API can be created by installing a small piece of software called “RESTlet” in your NetSuite installation. This RESTlet will create the API endpoint required for the API integration. Zilla has built a RESTlet capable of extracting accounts and roles in Netsuite. Please reach out to your Zilla Security contact for additional details.

Summary

Pre-Install

Before the install, you will need to request the RESTLet Javascript Code. You can either speak with your Technical Representative or reach out to support@zillasecurity.com to get the script.Take the following javascript code and save it into a file called ZillaUAR.js:

Code Block
languagejs
/**
 * @NApiVersion 2.1
 * @NModuleScope Public
 * @NScriptType Restlet
 *
 */

define(["N/search"],
    function (search) {

        /**
         * getEmployees - gets a list of all active employees with log in access
         * @returns JSON payload of employees, attributes, and roles
         *
         */
        function getEmployees() {
            var _employeeSearchObj = search.create({
                type: "employee",
                filters:
                    [
                        ["giveaccess","is","T"],
                        "AND",
                        ["isinactive","is","F"]
                    ],
                columns:
                    [
                        search.createColumn({name: "internalid", label: "Internal ID"}),
                        search.createColumn({name: "externalid", label: "External ID"}),
                        search.createColumn({
                            name: "entityid",
                            sort: search.Sort.ASC,
                            label: "Name"
                        }),
                        search.createColumn({name: "email", label: "Email"}),
                        search.createColumn({name: "firstname", label: "First Name"}),
                        search.createColumn({name: "lastname", label: "Last Name"})
                    ]
            });
            // var searchResultCount = _employeeSearchObj.runPaged().count;
            // log.debug("_employeeSearchObj result count",searchResultCount);

            var _employeeArray = [];
            _employeeSearchObj.run().each(function(result){
                // .run().each has a limit of 4,000 results
                _employeeArray.push({
                    "id": result.getValue({name: "internalid"}),
                    "externalid": result.getValue({name: "externalid"}),
                    "status": "Active",
                    "email": result.getValue({name: "email"}),
                    "firstname": result.getValue({name: "firstname"}),
                    "lastname": result.getValue({name: "lastname"}),
                    "roles": getRolesByEmployee(result.getValue({name: "internalid"}))
                })
                return true;
            });
            return _employeeArray;
        }

        /**
         * getRolesByEmployee - gets all roles assigned to a specific employee
         * @param _employeeID - internal ID of the employee record
         * @returns array of roles associated with the employee
         */
        function getRolesByEmployee(_employeeID) {
            var _employeeSearchObj = search.create({
                type: "employee",
                filters:
                    [
                        ["internalid", "anyof", _employeeID]
                    ],
                columns:
                    [
                        search.createColumn({name: "role", label: "Role"})
                    ]
            });
            // var searchResultCount = _employeeSearchObj.runPaged().count;
            // log.debug("_employeeSearchObj result count",searchResultCount);

            var _roleArray = [];
            _employeeSearchObj.run().each(function(result){
                // .run().each has a limit of 4,000 results
                _roleArray.push(result.getText("role"));
                return true;
            });
            return _roleArray;
        }

        return {
            /* Restlet Entry Point */
            get:
                /**
                 * <function description>
                 * @param context
                 * @returns ???
                 *
                 */
                function _get(context) {
                    return getEmployees();
                }
        };
    }
);

Setup in Netsuite

1. Create a Role

  1. Go to Setup > Users/Roles > Manage Roles > New

  2. Assign the role scopes:

    1. Lists -> Employees

    2. Lists -> Employees Records

    3. Lists -> Subsidiaries

    4. Lists -> Integration Applications

    5. Setup -> REST Web Services

    6. Setup -> Login Using Access Tokens

    7. Setup -> Bulk Manage LoginSetup -> Bulk Manage Roles

    8. Setup -> View Login Audit Trail

  3. Give the role access to all subsidiaries

...

  1. Go to setup->integration->manage integrations->new create a new Zilla integration

  2. Check 'token based authentication' and 'RESTLets', uncheck 'TBA Authorization Flow' and 'authorization code grant', then save

  3. Copy Client ID and Secret for later use

...

4. Create an Access Token

...

  1. Upload the script (Customization->Scripting->Scripts->New).

Info

Note: Make sure all names the script name and name of the script deployment are the same as the name (ZillaUAR.js) of the file (include the .js). 

  1. Make the created user an owner of the script

  2. check mark Restlets and uncheck Authorization Code Grant

...

  1. Select Deploy Script

  2. Add the Zilla integration Role to script deployment. Make status 'released'

  3. Add your subsidiary to the script

  4. Copy the External URL that appears once you save it for later use

...

Setup in Zilla

First, add NetSuite to your applications, then navigate to your NetSuite instance click Sync now in the top right corner and enable API Integration.

...

Set up NetSuite Application Integration on Zilla:

  • Visit the Zilla application and login using your admin credentials and then click Add Applicationin the top right.

...

  • A window with a search bar appears, type in netsuite in the search bar. NetSuite application entry will appear at the top of the list, click Add to Applications button to the right.

...

  • Fill in the form with appropriate details and then click Add to Applications button.

...

  • A detailed view of NetSuite application appears. Click Sync now or the gear icon in top right corner to configure your application.

...

  • Enable API Integration option from the dialog.

...

  • Add the configuration details, check the information below this screenshot.

...

Enter all of your information into the corresponding fields in Zilla:

Signature Method: value will be: HMAC-SHA256

Access Token: Token ID from Create a New Access Token Section

Token Secret: Token Secret from Create a New Access Token Section

...

  1. Consumer Key: Take from “3. Create an Integration in NetSuite” Section above

  2. Consumer Secret: Take from “3. Create an Integration in NetSuite” Section above

  3. Signature Method: value will be: HMAC-SHA256

  4. Realm: AccountID value found in the EXTERNAL URL value. For example, if the URL is https://123.restlets.api.netsuite.com … then the Realm value is 123. 

Info

If it’s a you’re using sandbox envenvironment, the Realm value needs to be 123_SB (with an underscore, not a hyphen). Needs to match the value at end of numbersAs an example, if my external URL is https://123-sb1.restlets.api.netsuite.com… then this value needs to be 123-SB1

  1. Users Endpoint: Taken from the Script Deployment record’s EXTERNAL URL value.

...

Users Endpoint must contain a complete URL (https://…).

...

  1. Access Token: Token ID from Create a New Access Token Section

  2. Token Secret: Token Secret from Create a New Access Token Section

  3. Sync permission associated to roles ? : Default is No. If set to No, it will not synchronise permissions associated with roles. If set to Yes, it will synchronise the permissions of all roles..

  • Once the configuration is complete click

...

  • Next/Sync Now.

...

  • Click Next and it will begin the sync.

...

  • The Click Done on the next pop-up that appears. After reviewing the sync summary pop-up, click Close.

...

  • Once the sync has been completed all accounts should appear under the Accounts tab.

...

Include Page
Integrations Footer
Integrations Footer

...