This topic contains 5 replies, has 0 voices, and was last updated by chanarbon 7 years, 10 months ago.
-
AuthorPosts
-
December 15, 2016 at 10:36 am #5673
david.smithI want to get tokens dynamically for a partner when they are approved. Has anyone been able to do this? I’ve tried calling the rest service but I get an error back that a session needs to be established and to sign in first. If the role I’m using has the ability to manage tokens, why can’t I request a set of new tokens for another user?
I’ve even tried the sample PHP found in SA: Sample PHP code for Issuing Token in Token-based Authentication but I haven’t gotten that to work either.
I find it frustrating that I can’t issue a token set for another user. Anyone with some pointers?
Thanks!
This is a cached copy. Click here to see the original post. -
December 18, 2016 at 7:06 pm #5674
chanarbonHi @david.smith,
For this concern, one question is that when you are attempting to issue a token, is the integration record where you plan to link the token installed on the account? That is one very crucial thing thing to concern in this case. Do you also have the permission for that user to login using token? Also another thing is that for that user role, is the web services user unchecked?
I might also suggest you to try https://netsuite.custhelp.com/app/an…il/a_id/44164/
-
December 19, 2016 at 9:30 am #5675
david.smithchanarbon Thanks for the response. Yes the integration record is in the account. I have looked at and tested that code.
I think what I’d really like to do is not available in NetSuite (but it should be). I’m using a login that has token management/admin permissions. I want to use that account to assign tokens to a user with Log in using Access Tokens permission. This can be done via the UI but it doesn’t seem possible to do via script.
I want to assign tokens to a user dynamically that has been granted access with a role that allows TBA. Another problem with the current NS setup is that the user’s password is required in the NLAUTH header. If the request comes from a user with Access Token Management it should grant the tokens for the entity requested.
-
December 19, 2016 at 5:36 pm #5676
chanarbonHi david.smith ,
From what I understand, you want to replicate the ability of administrator to generate tokens for users granted with the TBA-enabled role instead of the user with the TBA-enabled role to issue the token on their own. As of the moment, if the scenario that is mentioned is true, I think is is currently not yet available as the granting of token is done through the identity of the user requesting the token.
david.smith replied on 12/20/2016, 08:22 AM: Correct. In the UI this can be done. We should be able to do this with script as well.
-
December 27, 2016 at 2:21 pm #5677
chanarbonFor the “In the UI this can be done. We should be able to do this with script as well.”
In the programmatic issuing of tokens, it is per user basis which means that a user requests for a token using their credential for them to use while on the other hand, on the UI, the capability, the administrator selects a user and generates a token for the user. The big difference in the mentioned scenario is that the administrator requesting the token using UI has the option to select to which user the provisioning of token will happen but in the programmatic approach, there is no option for the admin to select to which user the provisioning with happen since it is per user basis
david.smith replied on 12/27/2016, 02:47 PM: Let’s say I have an external website. I have granted certain users login access through the NS UI and given them a role that has login in with token capability. The role limits them to see open support cases.
Now I want my website to make a call using a role that has token management to issue that use a set of tokens. When that user logs into my external website with their user/pass I can make calls to NS using their tokens to retrieve data.
I don’t understand your comment because I most certainly can select a user pragmatically. I know everything about that use except their password for NetSuite.
I could not get the PHP sample code to work. And I don’t want the users to have to go to another site and give them complicated instructions on how to use tokens.
-
January 3, 2017 at 3:00 am #5678
chanarbonHi @david.smith
I think we lost each other at “From what I understand, you want to replicate the ability of administrator to generate tokens for users granted with the TBA-enabled role instead of the user with the TBA-enabled role to issue the token on their own. As of the moment, if the scenario that is mentioned is true, I think is is currently not yet available as the granting of token is done through the identity of the user requesting the token.” when you mentioned correct in there. I am thinking that you might have been receiving an HTTP response 302. Could you post the error response thrown?
-
AuthorPosts
You must be logged in to reply to this topic.