Secret Key ID Management in NetSuite

Starting in NetSuite, the Secret Key ID allows you to manage your CAPTCHA private key's ID securely. This key is essential for integrations and is stored server-side in the API Secrets area of NetSuite. Proper handling ensures that sensitive information remains protected.

Key Features of Secret Key ID

• Storage: Private keys are stored securely within the API Secrets section.
• Importance: It is crucial to keep your private key secure and avoid using it in client-side code. Incorrect usage can expose sensitive data.
• Access: You can access or create a CAPTCHA private key ID using the path: Integrations > Captcha.

Secret Key ID Specification

• ID Format: The ID to be used is captcha.secretKey.
• JSON Configuration: Refer to the Captcha.json file for configuration details.

Best Practices

• Always ensure that the private key is not revealed in user interfaces visible to other users.
• Regularly update your private keys and keep documentation of any changes.

How to Create a Secret Key

To create a new API secret, follow these steps:

1. Navigate to Setup > Company > Preferences > API Secrets.
2. Click on Create New at the top.
3. In the Create New Secret window, enter a descriptive name in the Name field. Do not use sensitive information here.
4. Provide a script ID without spaces or special characters in the ID field (NetSuite prefixes script IDs with 'custsecret').
5. Enter your secret in the Password field or load it from a secure file. For multi-line secrets, loading from a file is mandatory.
6. Confirm the password in the Confirm Password field.
7. (Optional) Activate the Expiration Warning checkbox for UI notifications about expirations.
8. Provide a description in the Description field without using sensitive details.