Find an API

Search public APIs with auth details & Postman guides

← All APIs

Oracle NetSuite REST API

netsuite.com · Company

Company OAuth2 Paid Financial Services Retail & E-Commerce Manufacturing ERP Finance Enterprise

REST and SuiteQL APIs for Oracle NetSuite ERP. Access financial records, inventory, CRM, purchasing, and custom objects. NetSuite is the leading cloud ERP for mid-market companies. Requires NetSuite subscription and REST feature enabled.

Authentication

OAuth2 OAuth2 client credentials or OAuth 1.0a (legacy). Token-based authentication preferred. Enable REST Web Services in NetSuite Setup → Company → Enable Features.

Sample Requests

GET Get customer record

Returns a NetSuite customer record by internal ID.

https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/customer/{internalId}

Hover any highlighted part to learn what it does

Headers — extra info sent with the request
Authorization Bearer YOUR_ACCESS_TOKEN
curl -X GET "https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/customer/{internalId}" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN"
import requests
headers = {
    "Authorization": "Bearer YOUR_ACCESS_TOKEN"
}
response = requests.get(
    "https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/customer/{internalId}",
    headers=headers,
)
print(response.json())
const url = 'https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/customer/{internalId}';

const response = await fetch(url, {
  headers: {
    'Authorization': 'Bearer YOUR_ACCESS_TOKEN'
  },
}); 
const data = await response.json();
console.log(data);
package main

import (
	"fmt"
	"io"
	"net/http"
)

func main() {
	targetURL := "https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/customer/{internalId}"
	req, _ := http.NewRequest("GET", targetURL, nil)
	req.Header.Set("Authorization", "Bearer YOUR_ACCESS_TOKEN")

	client := &http.Client{}
	resp, _ := client.Do(req)
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	fmt.Println(string(body))
}
require "net/http"
require "json"

uri = URI("https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/customer/{internalId}")

http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"

req = Net::HTTP::Get.new(uri)
req["Authorization"] = "Bearer YOUR_ACCESS_TOKEN"

res = http.request(req)
puts JSON.parse(res.body)
<?php
$url = "https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/customer/{internalId}";
$opts = ["http" => [
    "method" => "GET",
    "header" => implode("\r\n", [
        "Authorization: Bearer YOUR_ACCESS_TOKEN"
    ]),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));
POST SuiteQL query

Execute SQL-like queries against NetSuite data. Returns any record type in tabular format.

https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/query/v1/suiteql

Hover any highlighted part to learn what it does

Headers — extra info sent with the request
prefer transient
Content-Type application/json
Authorization Bearer YOUR_ACCESS_TOKEN
Request Body — data you're sending
{
  "q": "SELECT id, companyName, email FROM customer WHERE isInactive = 'F' LIMIT 10"
}
curl -X POST "https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/query/v1/suiteql" \
  -H "prefer: transient" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"q":"SELECT id, companyName, email FROM customer WHERE isInactive = 'F' LIMIT 10"}'
import requests
headers = {
    "prefer": "transient",
    "Content-Type": "application/json",
    "Authorization": "Bearer YOUR_ACCESS_TOKEN"
}
data = {
    "q": "SELECT id, companyName, email FROM customer WHERE isInactive = 'F' LIMIT 10"
}
response = requests.post(
    "https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/query/v1/suiteql",
    headers=headers,
    json=data,
)
print(response.json())
const url = 'https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/query/v1/suiteql';

const response = await fetch(url, {
  method: 'POST',
  headers: {
    'prefer': 'transient',
    'Content-Type': 'application/json',
    'Authorization': 'Bearer YOUR_ACCESS_TOKEN'
  },
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
  "q": "SELECT id, companyName, email FROM customer WHERE isInactive = 'F' LIMIT 10"
}),
}); 
const data = await response.json();
console.log(data);
package main

import (
	"fmt"
	"io"
	"net/http"
	"bytes"
	"encoding/json"
)

func main() {
	targetURL := "https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/query/v1/suiteql"
	jsonData, _ := json.Marshal({"q":"SELECT id, companyName, email FROM customer WHERE isInactive = 'F' LIMIT 10"})
	req, _ := http.NewRequest("POST", targetURL, bytes.NewBuffer(jsonData))
	req.Header.Set("prefer", "transient")
	req.Header.Set("Content-Type", "application/json")
	req.Header.Set("Authorization", "Bearer YOUR_ACCESS_TOKEN")
	req.Header.Set("Content-Type", "application/json")

	client := &http.Client{}
	resp, _ := client.Do(req)
	defer resp.Body.Close()
	body, _ := io.ReadAll(resp.Body)
	fmt.Println(string(body))
}
require "net/http"
require "json"

uri = URI("https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/query/v1/suiteql")

http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = uri.scheme == "https"

req = Net::HTTP::Post.new(uri)
req["prefer"] = "transient"
req["Content-Type"] = "application/json"
req["Authorization"] = "Bearer YOUR_ACCESS_TOKEN"
req["Content-Type"] = "application/json"
req.body = "{\"q\":\"SELECT id, companyName, email FROM customer WHERE isInactive = 'F' LIMIT 10\"}"

res = http.request(req)
puts JSON.parse(res.body)
<?php
$url = "https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/query/v1/suiteql";
$opts = ["http" => [
    "method" => "POST",
    "header" => implode("\r\n", [
        "prefer: transient",
        "Content-Type: application/json",
        "Authorization: Bearer YOUR_ACCESS_TOKEN",
        "Content-Type: application/json"
    ]),
    "content" => json_encode({"q":"SELECT id, companyName, email FROM customer WHERE isInactive = 'F' LIMIT 10"}),
]];
$ctx = stream_context_create($opts);
$res = file_get_contents($url, false, $ctx);
print_r(json_decode($res, true));

Postman Setup Guide

Get Postman ↗
  1. Enable REST Web Services in NetSuite: Setup → Company → Enable Features → REST Web Services
  2. Create an integration record: Setup → Integration → Manage Integrations → New
  3. Check OAuth 2.0 and note the client_id and client_secret
  4. Create a role with REST Web Services permission and assign to an employee
  5. Token URL: https://system.netsuite.com/rest/auth/oauth2/v1/token
  6. Account ID is your NetSuite account number (e.g. 1234567)
  7. SuiteQL (POST /query/v1/suiteql) is the most flexible — use SQL syntax across all records

What can you build with Oracle NetSuite REST API?

Oracle NetSuite REST API is a Company API. Developers commonly use company APIs for:

  • enriching CRM records with company firmographics
  • building lead-generation and prospecting tools
  • verifying business identity and registration details
  • monitoring competitors and market intelligence
  • powering B2B data enrichment pipelines

OAuth 2.0. OAuth lets your app act on behalf of a user. You redirect them to authorise access, receive a token, then use that token in requests. Best for accessing user-owned data. Oracle NetSuite REST API is a paid API — check the provider's pricing page before building a production integration.

New to APIs? Read our beginner's guide · Learn about API keys · What is REST?

Open documentation ↗