NetSuite just made its REST Web Services API generally available across 140-plus record types and promoted OAuth 2.0 to the default authentication flow. This 2025.1-ready guide walks you through authentication, CRUD operations, SuiteQL improvements, and hard-won best practices.
1 · Prerequisites
| Requirement | Details |
|---|---|
| NetSuite role | REST Web Services + OAuth 2.0 Authorized Applications |
| API client | Postman, curl, or any library with OAuth 2.0 (or legacy TBA) |
| Core skills | JSON, HTTP verbs, NetSuite record terminology |
2 · Enable REST & OAuth 2.0
- Setup ▸ Company ▸ Enable Features ▸ SuiteCloud
- Confirm REST Web Services is on (default in new accounts).
- Tick OAuth 2.0. Keep Token-Based Auth only if legacy traffic needs it.
Heads-up — the old “REST Record Service (Beta)” checkbox is gone: REST is GA.
3 · Create Integration & Tokens
3.1 Integration record
- Setup ▸ Integration ▸ Manage Integrations ▸ New
- Name →
REST Web Services – 2025 - Enable OAuth 2.0 Authorization Code Grant (plus TBA if needed).
- Scope → REST Web Services
- Save → copy Client ID / Client Secret (shown once).
3.2 OAuth 2.0 handshake (example)
# Authorize
GET https://<ACCOUNT>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/authorize.nl?client_id=...&redirect_uri=...&response_type=code&scope=rest_webservices
# Exchange code → token
POST /services/rest/auth/oauth2/v1/token
grant_type=authorization_code&code=...&redirect_uri=...
# Use it
Authorization: Bearer <access_token>
4 · Base URL Quick-Check
https://<ACCOUNT_ID>.suitetalk.api.netsuite.com/services/rest/record/v1/5 · CRUD Operations
Customers
# List
GET /customer
# Retrieve one
GET /customer/123
# Create
POST /customer
{
"companyName": "Robbie Test Company",
"subsidiary": { "id": "1" }
}
# Update
PATCH /customer/123
{ "comments": "Best customer ever" }
Sales Orders
# Retrieve
GET /salesorder/456
# Create
POST /salesorder
{
"entity": { "id": "123" },
"items": { "items": [ { "item": { "id": "108" }, "quantity": 1 } ] }
}
# Update existing line
PATCH /salesorder/456
{
"items": { "items": [ { "line": 1, "quantity": 2 } ] }
}
Gotcha — omit "line" and NetSuite adds, rather than updates, a line.
6 · SuiteQL 2025 Enhancements
- Endpoint:
/services/rest/query/v1/suiteql - New headers:
hasMore,totalResults,next
POST /services/rest/query/v1/suiteql
Prefer: transient
{
"q": "SELECT id, email FROM customer WHERE isinactive = 'F' ORDER BY id LIMIT 50"
}
If hasMore: true, follow the next URL until exhausted.
7 · Pagination Cheat-Sheet
| Goal | 2025 Method |
|---|---|
| Quick slice | ?limit=<n> |
| Full export | Follow next header |
| > 100 K rows | Use SuiteAnalytics Connect |
8 · Best Practices & Troubleshooting
- Mirror the UI — replicate actions inside NetSuite to reveal required fields.
- Minimal PATCH — send only changed data for speed.
- Internal IDs over names for multi-language safety.
- Token refresh — renew at ~80 % of
expires_in. - Check weekly Help Center updates for off-cycle tweaks.
9 · Changelog 2022 → 2025
| 2022.2 | 2025.1 |
|---|---|
| REST Beta flag | GA by default |
| Token-Based Auth default | OAuth 2.0 recommended |
Manual offset maths | next header simplifies paging |
| ≈ 70 record types | 140 + GA record types |
| No AI endpoints | Early AI helper preview |
Need deeper help? Email support@getknit.dev — we ❤️ tough NetSuite integrations.
.webp)
