NetSuite Integration Options Overview
NetSuite offers multiple integration interfaces: REST (RESTlet, SuiteQL, SuiteTalk REST), SOAP (SuiteTalk), and CSV/saved search–based integration. Each has strengths, rate limits, and use cases. Choosing the right approach affects scalability, maintenance, and cost. This guide compares options, outlines authentication and error handling, and helps you design integrations that scale.
REST Web Services
REST is the preferred modern approach for new integrations. Use RESTlets (custom endpoints you deploy in NetSuite via SuiteScript) for custom business logic, or the native REST API (SuiteTalk REST) for standard record CRUD without code. Authentication: OAuth 2.0 or token-based (TBA). Rate limits apply—typically 10 requests per second per account for REST; bulk operations have different limits. REST is ideal for real-time, event-driven sync with CRM, ecommerce, or external apps.
SOAP (SuiteTalk)
SOAP is the legacy but still-supported option. Uses WSDL and XML messaging. Authentication: email/password (deprecated for new integrations) or token-based. SuiteTalk supports full record operations and search. Many middleware tools (Celigo, Jitterbit, MuleSoft) and legacy systems only support SOAP. Use when REST isn't available, for WSDL-based code generation, or when integrating with systems that require SOAP.
SuiteQL
SuiteQL is a SQL-like query language available via REST. Use for read-only, complex queries—joins, aggregations, subqueries. Ideal for reporting integrations, data warehouse feeds, and analytics. SuiteQL cannot insert or update records. Combine with REST Record API or RESTlets for full read-write: query with SuiteQL, then create/update via REST.
| Interface | Best For | Rate Limits (typical) |
|---|---|---|
| REST Record API | Standard CRUD, real-time | ~10 req/sec |
| RESTlet | Custom logic, complex workflows | Governance limits apply |
| SuiteQL | Read-only, reporting | Query limits |
| SOAP | Legacy, middleware compatibility | ~5 req/sec |
| CSV / Saved Search | Batch, low-frequency | Manual/scheduled |
When to Use Which
REST: New integrations, real-time sync, cloud-to-cloud, modern APIs. SOAP: Legacy systems, middleware with no REST support, WSDL-based tooling. CSV/Saved Search: Batch exports, low-frequency (daily/weekly) simple mappings, no code. SuiteScript + HTTP: Logic must run inside NetSuite; call external systems via N/http. Celigo/Jitterbit: Pre-built connectors, less custom code, managed middleware.
Authentication Best Practices
Use integration records and OAuth 2.0 or token-based auth. Avoid storing passwords in scripts or config files. Rotate tokens periodically (e.g., every 90 days). Use a dedicated integration role with minimum required permissions—never use an admin account. For REST, use OAuth 2.0 client credentials or authorization code flow as appropriate.
Error Handling and Retry
Implement exponential backoff for rate limit (429) errors. Log failures with request ID and payload for troubleshooting. For creates, consider idempotency: check for existing record (by external ID or key) before insert. Use NetSuite's bulk operations (e.g., bulk upsert) for large volumes to reduce request count. Validate payloads before send; handle partial failures with retry queues.
YRK Consulting designs and implements NetSuite integrations. Contact us.