npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2025 – Pkg Stats / Ryan Hefner

n8n-nodes-netsuite-tba

v0.1.7

Published

NetSuite API for n8n using TBA (OAuth1 HMAC-SHA256)

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

repleyrepley

Keywords

n8nn8n-community-nodenetsuitetbaoauth1suiteqlrestlet

Readme

n8n-nodes-netsuite-tba

Generic NetSuite HTTP (Token-Based Auth, OAuth 1.0a HMAC-SHA256) node for n8n.

  • Works with SuiteTalk (REST / SuiteQL), RESTlet, and Custom URLs.
  • No 3-legged OAuth flow. You provide consumer/token secrets + account Realm.
  • Auto-builds correct host for SuiteTalk/RESTlet; handles OAuth1 signing with realm.
  • Pass-through output by default (returns response body). Enable Return Full Response to get { status, headers, body }.

Tested with n8n 1.82.0. Credentials and node are written in TypeScript and bundled to dist/.

Contents

Requirements

  • Node.js 20+ for building the package.
  • n8n 1.82.0 or compatible runtime.
  • NetSuite account with Token-Based Authentication (TBA) enabled.
  • Integration record (Consumer Key / Secret), Access Token (Token ID / Secret), and a role with:
    • User Access Tokens
    • Web Services
    • REST Web Services

Install (local dev)

# install deps and build
npm install
npm run build

The compiled files will be in dist/.

Using with Docker (recommended for local testing)

Mount your custom extensions folder into the n8n container and point N8N_CUSTOM_EXTENSIONS to it.

Example docker-compose.yml snippet:

services:
  n8n:
    image: n8nio/n8n:latest
    environment:
      - N8N_CUSTOM_EXTENSIONS=/custom
    volumes:
      - ./extensions:/custom
    ports:
      - "5678:5678"

Place this project under ./extensions/n8n-nodes-netsuite-tba, run npm run build, then restart the container. In n8n, you should see a node called “NetSuite HTTP (TBA)” and credentials “NetSuite TBA”.

How it works

This node performs OAuth 1.0a signing with HMAC-SHA256 and includes realm="<Account ID>" in the Authorization header, which is required by NetSuite TBA.

Realms are sanitized for hostnames:

  • 1234567_SB11234567-sb1
  • TSTDRV1234567tstdrv1234567
  • 1234567 (prod) → 1234567

The node builds proper base URLs:

  • SuiteTalk: https://<realm>.suitetalk.api.netsuite.com/services/rest
  • RESTlet: https://<realm>.restlets.api.netsuite.com
  • Custom: any absolute URL you provide

Credentials

Create credentials NetSuite TBA with the following fields:

  • Account ID (Realm): e.g. 1234567, 1234567_SB1, or TSTDRV1234567
  • Consumer Key / Consumer Secret
  • Token ID / Token Secret
  • Signature Method (fixed): HMAC-SHA256

Realm must match your environment (include _SB# for sandbox). The node converts it to a valid subdomain automatically.

Node options

  • Domain
    • SuiteTalk (REST / SuiteQL) → base URL includes /services/rest. Use Path like /query/v1/suiteql or /record/v1/....
    • RESTlet → provide Script ID and Deploy ID. The node builds the path: /app/site/hosting/restlet.nl?script=<ID>&deploy=<ID>. For GET, you can add extra Query Parameters; for non-GET a JSON Body is required.
    • Custom → provide Custom Base URL and Path of your endpoint.
  • Method: GET | PUT | POST | PATCH | DELETE
  • Send Body + JSON Body: enable and provide JSON payload for non-GET calls (and SuiteQL POST).
  • Return Full Response: if enabled, returns { status, headers, body } instead of just body.
  • Add Prefer: transient Header: enabled by default; recommended/required for SuiteQL.

Examples

SuiteQL

  • Domain: SuiteTalk
  • Method: POST
  • Path: /query/v1/suiteql
  • Send Body: on
  • JSON Body:
{ "q": "SELECT 1" }

REST Records

  • Domain: SuiteTalk
  • Method: GET
  • Path: /record/v1/metadata-catalog

RESTlet GET

  • Domain: RESTlet
  • Method: GET
  • Script ID: 0000
  • Deploy ID: 1
  • Query Parameters: e.g. foo=bar

Result URL:

https://<realm>.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=1423&deploy=1&foo=bar

RESTlet POST

  • Domain: RESTlet
  • Method: POST
  • Script ID: 0000
  • Deploy ID: 1
  • Send Body: on
  • JSON Body:
{ "hello": "world" }

Custom domain

  • Domain: Custom
  • Custom Base URL: https://api.example.com
  • Method: GET
  • Path: /anything

Troubleshooting

  • 401 Unauthorized / INVALID_LOGIN

    • Realm must match the environment: 1234567 vs 1234567_SB1 vs TSTDRV...
    • Integration (Consumer) and Token must belong to the same Integration, Role, and Account.
    • Role must have User Access Tokens, Web Services, REST Web Services permissions.
    • Ensure you are calling the correct host for the realm (host is built automatically).

  • Invalid URL

    • Happens if base URL is missing for Custom, or if a sandbox realm with underscore is used directly as subdomain. This node automatically sanitizes the realm to avoid invalid hostnames.

  • Empty output

    • By default, the node returns only body. If the endpoint returns no content (e.g., 204), the node outputs {}. Enable Return Full Response to inspect status/headers.

  • “Could not get parameter”

    • This occurs when trying to read hidden parameters (e.g., jsonBody with Send Body off, or customBaseUrl when Domain is not Custom). The node guards against this.

License

MIT