8

I am trying to get data from Netsuite using RESTlet. For that, i am using the following details in PHP:

  1. Consumer Key
  2. Consumer Secret
  3. Script Id
  4. Deploy Id
  5. Access Token Id
  6. Access Token Secret

At first time of using these details, i got that error is Invalid login attempt. I found why it is coming , because of the following any one or all of the wrong details.

  1. Consumer Key
  2. Consumer Secret
  3. Access Token Id
  4. Access Token Secret

After giving correct details it works fine and i stored all these details in DB. I didn't change anything. But after few days i am getting the same error.

I want to know whether the access token will expire after some days or why the error is coming.

quarks
  • 33,478
  • 73
  • 290
  • 513
Prabhu
  • 783
  • 2
  • 10
  • 35
  • 1
    No they should not expire. Verify that the token wasn't revoked or inactivated. Do the user and role setup for the token have login access? – TonyH Apr 27 '16 at 18:42
  • @Prabhu, what was the problem? I just ran into the same thing, and i can't figure out what changed or what's missing. It worked a few hours ago, now `Invalid Login Attempt` - `invalidCredentialsFault` – Kopernik Aug 15 '16 at 22:59
  • @avguchenko, still i am also having the same issue and not able find the exact solution. But Tony told that token will not expire. Just i conveyed thanks to him. i am also having doubt whether it ll expire or not. – Prabhu Aug 16 '16 at 13:17
  • My problem went away when I logged out of the website in the browser, and made sure to log out while in the web-services role. – Kopernik Aug 17 '16 at 15:29
  • This happening to me too. Only to a client on one machine - it works on another. I attempted @avguchenko's solution but still get same error. – cja Nov 18 '16 at 16:02

7 Answers7

13

I recently had similar issue, everything worked on my machine, but fail with same exception on the test server. Carefully debugged and saw that timestamps for generating request access token are with 12 min difference. After synching times everything went fine. So even token definitions in NetSuite doesn't expires, timestamps for generating request tokens must be in 'some' time-window with time in the NetSuite environment.

Too bad that SuiteAnswers (https://netsuite.custhelp.com/app/answers/detail/a_id/44241/kw/44241) doesn't mention anything about time.

borkomi
  • 131
  • 1
  • 5
  • 3
    If I could kiss you, I would. On the lips. Spent an entire day working with the netsuite developers of a custom restlet we had built, trying to figure out why, after testing successfully in both our dev an preprod environments, our code was failing from production. Turns out, our production server's time was approx 5 min off. Fixed the time - fixed the problem! I LOVE SO! – SCady Mar 29 '18 at 21:57
  • Holy cow, this was my fix as well. I've been connecting to the NS API from a Laravel Homestead virtual machine. I re-synced the time on the virtual machine using the commands below and it fixed the issue: sudo service ntp stop sudo ntpd -gq sudo service ntp start – forgueam May 17 '18 at 14:53
  • I had the same problem, how did it fixed was that I had to change the system date to something different for testing purposes and forgot to reset it, and it was failing over and over again while deploying. Changed to the date to automatically then it fixed. Almost spent like 3hours on the same for this silly mistake. – shyamzzp Feb 18 '21 at 05:45
11

If you are trying to access a RESTlet through Token Based Authentication (TBA) and are receiving the INVALID_LOGIN_ATTEMPT error and the login audit detail is permission_denied, then the following may work.

Ensure that the role:

  • Isn't an administrator type role
  • Doesn't have the Web Services Only Role checked

Also double check that your related integration has the TOKEN-BASED AUTHENTICATION checked.

Note: to check your audit trail detail, go to Setup > Users/Roles > View Login Audit Trail, check USE ADVANCED SEARCH, and be sure to add Detail as a result column.

David Rogers
  • 2,601
  • 4
  • 39
  • 84
Brian
  • 697
  • 1
  • 7
  • 14
  • If you are using user credentials for RESTlet Authentication ensure that the role doesn't have the web services only Role checked. – Brian Kenya Oct 15 '18 at 17:50
  • Strangely, my RESTlets were working when using user credentials and a role that was "Web Services Only". When I switched to TBA, the Web Services Only role would no longer work. I switched to another role and all now works. – Ben Mills Jan 11 '19 at 20:52
  • Mine said InvalidSignature – Hayden Thring Feb 08 '19 at 06:01
9

In my case I was getting the account id from the URL which is lowercase, while it should be upper case.

amd
  • 20,637
  • 6
  • 49
  • 67
  • 2
    Make sure you get this from the Company Information in the Setup menu of NetSuite. Mine was on sandbox, and it had a underscore but the account id from the url had a dash. – Israel Lopez Nov 18 '20 at 17:37
  • 1
    The url should be lowercase with a dash and the realm should be upper case with an underscore – Luke May 21 '21 at 15:20
  • @Luke thank you so much for this tip. Was using SOAP this whole time because I could never got my RESTlets to work, and it's all due to an underscore. FML. – myopenid Jun 21 '23 at 14:55
4

I was testing on a sandbox and sb1 should be xxxxxx-SB1 on the URL and Realm should be xxxx_SB1

ahmed saeed moawoad elmasry
  • 71
  • 4
1

Finally I found the answer for 403 error in my case, I changed the time offset with my standard CST time zone, and repost, it worked. If you found this 403 error and have been trying every ways, check the time on your machine

Hapi
  • 23
  • 4
0

If you are using user credentials for RESTlet Authentication ensure that the role in use doesn't have the web services only Role checked.

Brian Kenya
  • 71
  • 1
  • 3
0

It has to ensure the token (Token ID) matches the proper Application on the Netsuite side.
Setup -> Integration -> Manage Integrations

Ivan Chau
  • 1,403
  • 1
  • 18
  • 28