Skip to Content
ModulesERP AdapterNetsuite ERP Adapter

Netsuite ERP Adapter

The Netsuite ERP Adapter is a specific implementation of the ERP Adapter designed to integrate with Oracle Netsuite, a widely used cloud-based ERP system. This adapter allows Reeve to retrieve financial data from Netsuite and process it within the Reeve platform.

This adapter is using oAuth2 for authentication and authorization, ensuring secure access to the Netsuite API. It implements the flow described in ERP Adapter and listens to the events ScheduledIngestionEvent and TransactionbatchCreatedEvent to initiate data retrieval and processing.

The actual process is as follows: erp-adapter-flow

Reeve Configuration

To configure the Netsuite ERP Adapter in Reeve, you need to set up several environment variables that will be used by the adapter to connect to the Netsuite API and authenticate using oAuth2. These environment variables are essential for the adapter to function correctly and securely. The following environment variables need to be set:

  • LOB_NETSUITE_ENABLED: A boolean value indicating whether the Netsuite ERP Adapter is enabled. Set this to true to activate the adapter.
  • LOB_NETSUITE_CLIENT_TOKEN_URL: The URL for obtaining the oAuth2 token from Netsuite. This is typically in the format https://<NETSUITE_ID>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token.
  • LOB_NETSUITE_CLIENT_PRIVATE_KEY_FILE_PATH: The path to the private key file used for oAuth2 authentication. This file should be kept secret and not shared publicly.
  • LOB_NETSUITE_CLIENT_CLIENT_ID: The client ID for the Netsuite integration, which is generated when you create a new integration record in Netsuite.
  • LOB_NETSUITE_CLIENT_CERTIFICATE_ID: The certificate ID for the oAuth2 client credentials setup in Netsuite. This is obtained after uploading the public part of your certificate to Netsuite.
  • LOB_NETSUITE_CLIENT_URL: The base URL of the Netsuite account, typically in the format https://<NETSUITE_ID>.restlets.api.netsuite.com/app/site/hosting/restlet.nl?<EXTRA PARAMS>.
  • LOB_NETSUITE_CLIENT_RECORDSPERCALL: The number of records to retrieve per API call. This can be adjusted based on the performance and limits of your Netsuite account. The default value is 1000.
  • LOB_NETSUITE_CLIENT_TIMEOUT_SECONDS: The timeout duration for API calls to Netsuite, specified in seconds. This helps to prevent long-running requests from hanging indefinitely. The default value is 30.

An example can be found in Reevee Application Repository.

Netsuite Configuration

How to set up oAuth2

This document describes how to set up oAuth2 for the Netsuite ERP connector, which we are using at the Cardano Foundation. It involves a few steps to set up the oAuth2 credentials in the Netsuite account and then use them in the connector.

  1. Creating the certificate

To create a certificate the following command is needed

openssl req -new -x509 -newkey rsa:4096 -keyout private.pem -sigopt rsa_padding_mode:pss -sha256 -sigopt rsa_pss_saltlen:64 -out public.pem -nodes -days 365

This will create a certifate pair with RSA-PSS. The public part is needed to be uploaded to netsuite. The private part must be kept secret and used in the connector. The path to this file must be passed to the application by leveraging the environment variable LOB_NETSUITE_CLIENT_PRIVATE_KEY_FILE_PATH.

  1. Adding the certificate to Netsuite
  • Create a new integration record in Netsuite
  • Go to Setup > Integration > Manage Integrations > New
  • When created you will see a client ID this is needed and needs to passed to the application by leveraging the environment variableLOB_NETSUITE_CLIENT_CLIENT_ID
  • Attention: You will see this clientID only once in Netsuite!
  • Create Client Credential Setup (M2M)
  • Go to Setup > Integration > OAuth 2.0 Client Credentials Setup and click Create new
  • Choose an Entity and a Role and for Application choose the Integration you created in the previos step
  • Then Upload the public part of your certificate
  • After saving you will see a new row in the table. Copy the certificate ID and save it in the environment variable LOB_NETSUITE_CLIENT_CERTIFICATE_ID
  1. Additional parameters needed:
  • LOB_NETSUITE_CLIENT_URL: Base url of the Netsuite account (usally https://<NETSUITE_ID>.restlets.api.netsuite.com/app/site/hosting/restlet.nl?<EXTRA PARAMS>)
  • LOB_NETSUITE_CLIENT_TOKEN_URL: Token url of the Netsuite account (usually https://<NETSUITE_ID>.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token)

How to set up IP Address Filtering

With the IP Address Filtering it is possible to restict access to the Netsuite account to certain IP Addresses. This can be done on a company level or on an employee level. It is also possible to create a dummy user, which will then create the oAuth2 Login and this can be restricted to a specific IP Address.

  1. Enable the IP Range filtering Feature
  • Go to Setup > Company > Enable Features —> Enable IP ADDRESS RULES
  1. Adjust IP Addresses for Company
  • Go to Setup > Company > Company Information —> Edit
  • Add the IP Addresses you want to allow to access the Netsuite account under ALLOWED IP ADDRESSES
  • Possible notation:
  • Add a single IP Address (e.g. 123.45.67.80)
  • Add a range of IP Addresses by using bitmask notation (e.g. 123.45.67.80/24)
  • Add a range of IP Addresses by using a dash (e.g. 123.45.67.10-123.45.67.80)
  • Add NONE to deny all access
  • Add ALL to allow all access
  1. Adjust the allowed IP addresses by Employee
  • Go to Lists > Employees > Employees > The Employee you want to edit —> Edit
  • Under Access Tab adjust the IP ADDRESS RESSTRICTIONS to the desired IP Addresses
  • The user can inherit from company settings or have individual settings
Last updated on
ERP AdapterCSV ERP Adapter