NetSuite supports OAuth 2.0, a robust authorization framework. OAuth 2.0 enables client applications to use a token to access NetSuite through REST web services, RESTlets, and SuiteAnalytics Connect. The application accesses the protected resources on behalf of a user who gave explicit permission for the access. This method eliminates the need for integrations to store user credentials. Use OAuth 2.0 as an alternative to the Token-based Authentication feature.
The OAuth 2.0 feature is for use with RESTlets, REST web services, and SuiteAnalytics Connect. It is not supported by SOAP web services.
OAuth 2.0 access is based on the authorization code grant flow for the generation of access tokens and refresh tokens, or the client credentials flow. The client credentials flow is a machine-to-machine flow for the generation of access tokens.