Jira Code : MICL-173
OAuth 2.0 relies on the access and refresh tokens to authorize access to protected resources. However, if these tokens are compromised, attackers can gain access to sensitive data. Here are some of the complexities that you may encounter when working with NetSuite OAuth 2.0:
- Access Token and Refresh Token: NetSuite OAuth 2.0 uses Access Tokens and Refresh Tokens to authenticate users and grant access to resources. Access Tokens are short-lived tokens that are used to access resources on behalf of the user, while Refresh Tokens are used to obtain new Access Tokens when the current token expires.
- Authorization Code Flow: NetSuite OAuth 2.0 uses the Authorization Code Flow to authenticate users and grant access to resources. This flow involves multiple steps, including redirecting the user to the NetSuite login page, obtaining an authorization code, exchanging the authorization code for an Access Token and Refresh Token, and using the Access Token to access resources.
- Token Expiration and Renewal: Access Tokens are short-lived and expire after a certain amount of time. NetSuite OAuth 2.0 provides a mechanism to renew Access Tokens using Refresh Tokens, but this process can be complex and requires the careful handling of tokens.
- Scopes and Permissions: NetSuite OAuth 2.0 uses Scopes and Permissions to determine what resources a user can access. Scopes are used to defining the level of access to resources, while Permissions are used to define specific actions that can be performed on resources.
- Token Storage and Handling: NetSuite OAuth 2.0 requires careful handling of tokens, including storage, retrieval, and revocation. Tokens must be securely stored and protected to prevent unauthorized access to resources.