N/https Module for Secure HTTPS Calls in NetSuite

The N/https module allows developers to manage content sent via HTTPS calls to third-party services. Unlike the N/http module, which supports HTTP, the N/https module restricts all communications to HTTPS, enhancing security for sensitive data transmissions. It facilitates HTTPS calls from both client and server scripts, ensuring robust interactions with external APIs and services.

Key Features of the N/https Module

• Secure Communication: Ensures that all data exchanged with external services is encrypted, protecting against eavesdropping and tampering.
• Seamless Integration: Communicates between SuiteScript scripts, RESTlets, and SuiteTalk REST APIs without the need for reauthentication, streamlining processes.
• Comprehensive Functionality: Includes methods for making GET, POST, PUT, and DELETE requests, handling responses, and encoding necessary content.

Method Overview

The N/https module offers various methods to facilitate secure communications:

Sending a GET Request

To retrieve information from a server, you can use the following method:

1const https = require('N/https');
2 
3const response = https.get({
4    url: 'https://api.example.com/data',
5});
6console.log(response.body);

Sending a POST Request

To send data to a server, use:

1const https = require('N/https');
2 
3const requestBody = { data: 'Sample data' };
4const response = https.post({
5    url: 'https://api.example.com/data',
6    body: JSON.stringify(requestBody),
7    headers: {'Content-Type': 'application/json'},
8});
9console.log(response.body);

Handling Server Responses

You can handle server responses with:

1const { ClientResponse } = require('N/https');
2 
3if (response.code === 200) {
4    console.log('Success:', response.body);
5} else {
6    console.error('Error:', response.code);
7}

Note: It is crucial to utilize TLS 1.2 for all HTTPS requests to ensure compatibility and security, particularly with third-party servers.

Important Considerations

• Ensure that the target endpoint uses certified certificate authorities (CAs) from the Mozilla Included CA Certificate List; otherwise, connections may fail.
• Avoid sending unencrypted credentials; instead, opt for Token-Based Authentication (TBA) or OAuth 2.0 to secure your authentication process.

Who This Affects

The N/https module impacts a variety of roles, including:

• Administrators: Manage and configure secure integrations.
• Developers: Implement and use secure API requests.
• Integration Specialists: Ensure third-party connections are secure and effective.

Key Takeaways

• The N/https module provides methods for secure HTTPS communications in NetSuite.
• Use TLS 1.2 and authorized certificate authorities for secure connections.
• Securely manage credentials using TBA or OAuth 2.0.
• Supports various HTTP request methods: GET, POST, PUT, DELETE.

Source: This article is based on Oracle's official NetSuite documentation.