NetSuite Changelog
CommerceSuiteCommerceSecurityNew FeatureRelease Notes

Commerce Developer Tools for Secure Development in NetSuite

Commerce developer tools enable secure local testing and deployment to NetSuite, ensuring efficient development practices.

·2 min read·1 views·View Oracle Docs

The Commerce developer tools provide essential functionality for developers working with NetSuite, particularly for testing their applications locally and deploying them efficiently. Key topics covered within this reference include:

  • Token Based Authentication: Essential for authenticating users during fetch and deploy operations, especially post the introduction of mandatory two-factor authentication (2FA) in NetSuite accounts from 2018.2 onwards.
  • Mixed Domains in a Local Server: Guidance on handling redirections between local and production domains to avoid issues during testing.
  • Secure HTTP (HTTPS) with the Local Server: Ensures secure connections are maintained while developing and testing applications locally.
  • Troubleshooting the Developer Tools: Offers solutions and workarounds for common issues developers encounter while using the tools.

Token Based Authentication

With the need for enhanced security, developers must utilize token-based authentication instead of traditional usernames and passwords. The steps for generating tokens are crucial for ensuring secure interactions with the NetSuite environment. Here's how to generate an initial authentication token:

  1. Prerequisites:
    • Ensure that you have the Token Based Authentication feature enabled in your NetSuite account.
    • Use a role that has the necessary permissions, such as the Administrator role.

Note: After generating your initial token, subsequent operations will use this token unless specified otherwise.

Mixed Domains in a Local Server

Working across multiple domains while testing locally can lead to confusion. When testing, you may find that you are redirected to the production version of an application instead of the local version. In some scenarios, you may need to adjust the URL manually. For example:

From:

https://checkout.netsuite.com/c.xxxxxxx/sca-dev-denali/my_account.ssp?n=3

To:

https://checkout.netsuite.com/c.xxxxxxx/sca-dev-denali/my_account-local.ssp?n=3

This ensures you are using the local version for development.

Common Issues

While trying to load local resources, you may receive errors related to mixed content, especially if the page is accessed over HTTPS, while insecure content is requested. Chrome may block this by default. To resolve this:

  • Click on the shield icon in the address bar and select Load unsafe scripts.
  • Alternatively, you can launch Chrome with --allow-running-insecure-content to test your application seamlessly.

Troubleshooting the Developer Tools

For effective use of the Commerce developer tools, troubleshooting is essential. Developers may refer to the detailed documentation provided within this section for guided instructions on addressing common challenges encountered during development.

These tools not only enhance security but also streamline the development process, maintaining a high level of efficiency and reliability for developers working with NetSuite.

Frequently Asked Questions (4)

What role is required to generate an initial authentication token for NetSuite Commerce developer tools?
To generate an initial authentication token, you should use a role with necessary permissions, such as the Administrator role, and ensure that the Token Based Authentication feature is enabled in your NetSuite account.
Can I test my application locally with mixed domains when using NetSuite Commerce developer tools?
Yes, you can test your application locally using mixed domains. However, you may need to manually adjust the URL to switch from the production version to the local version during testing to avoid redirection issues.
How can I resolve mixed content errors when testing over HTTPS with the Commerce developer tools?
To resolve mixed content errors in Chrome when testing over HTTPS, you can click the shield icon in the address bar and select 'Load unsafe scripts' or launch Chrome with the `--allow-running-insecure-content` option.
Do I need to adjust any settings for secure HTTP connections while using the local server in NetSuite Commerce development?
Yes, you need to ensure that secure HTTP connections (HTTPS) are maintained for both development and testing on a local server to prevent security issues.
Source: Commerce Developer Tools Reference Oracle NetSuite Help Center. This article was generated from official Oracle documentation and enriched with additional context and best practices.

Was this article helpful?

More in Commerce

View all Commerce articles →