🎯 Learning Objectives
- Understand RESTlets vs Suitelets
- Implement GET, POST, PUT, DELETE handlers
- Return JSON responses
- Understand authentication options
1. What Are RESTlets?
RESTlets are web service endpoints for external system integration. Unlike Suitelets (HTML pages for users), RESTlets return data (JSON/XML) for other applications.
💡 Suitelet vs RESTlet
| Feature | Suitelet | RESTlet |
|---|---|---|
| Purpose | User interfaces | System integration |
| Output | HTML pages | JSON/XML data |
| Consumer | Humans | Applications |
| Auth | Browser session | OAuth/Token |
2. HTTP Methods
| Method | Function | Use Case |
|---|---|---|
| GET | get() | Retrieve data |
| POST | post() | Create records |
| PUT | put() | Update records |
| DELETE | delete() | Delete records |
3. Creating RESTlets
```javascript
/**
 * @NApiVersion 2.1
 * @NScriptType Restlet
 */
define(['N/record', 'N/search'], function(record, search) {

    // GET - Retrieve customer data
    function get(requestParams) {
        var customerId = requestParams.id;
        if (!customerId) {
            return { error: 'Missing customer ID' };
        }
        var customer = record.load({
            type: record.Type.CUSTOMER,
            id: customerId
        });
        return {
            id: customer.id,
            name: customer.getValue('companyname'),
            email: customer.getValue('email'),
            phone: customer.getValue('phone')
        };
    }

    // POST - Create new customer
    function post(requestBody) {
        var customer = record.create({
            type: record.Type.CUSTOMER
        });
        customer.setValue('companyname', requestBody.name);
        customer.setValue('email', requestBody.email);
        var customerId = customer.save();
        return {
            success: true,
            id: customerId,
            message: 'Customer created'
        };
    }

    // PUT - Update customer
    function put(requestBody) {
        var customer = record.load({
            type: record.Type.CUSTOMER,
            id: requestBody.id
        });
        if (requestBody.email) {
            customer.setValue('email', requestBody.email);
        }
        customer.save();
        return { success: true, message: 'Customer updated' };
    }

    // DELETE - Remove customer
    function doDelete(requestParams) {
        record.delete({
            type: record.Type.CUSTOMER,
            id: requestParams.id
        });
        return { success: true, message: 'Customer deleted' };
    }

    return {
        get: get,
        post: post,
        put: put,
        'delete': doDelete // 'delete' is a reserved word
    };
});
```
⚠️ Return Values
RESTlets automatically convert returned objects to JSON. Just return a JavaScript object - no need to stringify!
4. Authentication
RESTlets require authentication. Options include:
- Token-Based Authentication (TBA) - Recommended for integrations
- OAuth 2.0 - Standard OAuth flow
- NLAuth - Legacy, uses email/password
Calling from External System
```javascript
// Example: Calling RESTlet from external application
// URL format: https://<account>.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=123&deploy=1
// With Token-Based Auth headers:
// Authorization: OAuth realm="ACCOUNT_ID",
//     oauth_consumer_key="...",
//     oauth_token="...",
//     oauth_signature_method="HMAC-SHA256",
//     oauth_timestamp="...",
//     oauth_nonce="...",
//     oauth_version="1.0",
//     oauth_signature="..."
```
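Added example, not part of the original module: how the `oauth_signature` value in the header above is derived for TBA, using OAuth 1.0a signing (RFC 5849) in Node.js. The account ID, keys and secrets are constructed placeholders, and `pct`, `baseString` and `tbaHeader` are hypothetical helper names.

```javascript
// Added example: TBA Authorization header via OAuth 1.0a signing (RFC 5849).
const nodeCrypto = require('crypto');

// RFC 3986 percent-encoding; encodeURIComponent leaves !'()* unescaped.
function pct(s) {
  return encodeURIComponent(String(s)).replace(/[!'()*]/g,
    c => '%' + c.charCodeAt(0).toString(16).toUpperCase());
}

// Base string: METHOD & URL without query & sorted, encoded parameters.
// Query parameters (script, deploy) are signed together with the oauth_* ones.
function baseString(method, url, oauthParams) {
  const u = new URL(url);
  const pairs = [...u.searchParams.entries(), ...Object.entries(oauthParams)]
    .map(([k, v]) => [pct(k), pct(v)])
    .sort(([ak, av], [bk, bv]) =>
      ak < bk ? -1 : ak > bk ? 1 : av < bv ? -1 : av > bv ? 1 : 0);
  const normalized = pairs.map(p => p.join('=')).join('&');
  return [method.toUpperCase(), pct(u.origin + u.pathname), pct(normalized)].join('&');
}

function tbaHeader(method, url, creds, nonce, timestamp) {
  const oauth = {
    oauth_consumer_key: creds.consumerKey,
    oauth_token: creds.tokenId,
    oauth_signature_method: 'HMAC-SHA256',
    oauth_timestamp: String(timestamp ?? Math.floor(Date.now() / 1000)),
    oauth_nonce: nonce ?? nodeCrypto.randomBytes(16).toString('hex'), // unique per request
    oauth_version: '1.0'
  };
  // Signing key is consumerSecret&tokenSecret; the secrets are never transmitted.
  const key = pct(creds.consumerSecret) + '&' + pct(creds.tokenSecret);
  // The realm (account ID) goes in the header but is not part of the signature.
  oauth.oauth_signature = nodeCrypto.createHmac('sha256', key)
    .update(baseString(method, url, oauth)).digest('base64');
  const fields = Object.entries(oauth).map(([k, v]) => `${k}="${pct(v)}"`);
  return `OAuth realm="${pct(creds.realm)}", ` + fields.join(', ');
}

// Constructed placeholders: not real account IDs, keys or secrets.
const SAMPLE_URL =
  'https://1234567.restlets.api.netsuite.com/app/site/hosting/restlet.nl?script=123&deploy=1';
const SAMPLE_CREDS = { realm: '1234567', consumerKey: 'ck', consumerSecret: 'cs',
  tokenId: 'tk', tokenSecret: 'ts' };
console.log(tbaHeader('GET', SAMPLE_URL, SAMPLE_CREDS));
```

Because the HTTP method, URL and query parameters are all covered by the signature, a header signed for one request cannot be reused for a different method or deployment.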
🏋️ Practice Exercises
Exercise 1: GET Endpoint
Create a RESTlet that returns a list of open Sales Orders for a given customer ID.
Exercise 2: POST Endpoint
Create a RESTlet that accepts JSON to create a Contact record.
🎯 Key Takeaways
- RESTlets are web service endpoints for system integration
- Implement get(), post(), put(), delete() functions
- Return JavaScript objects - auto-converted to JSON
- GET receives parameters, POST/PUT receive body
- Requires authentication (TBA recommended)