A guide to building an Oracle NetSuite integration

Engineering Tue 10 Jan 2023

How to streamline and simplify your build when working with the NetSuite API.

Oracle NetSuite covers a large swath of small businesses around the world, serving over 32,000 customers in the USA, UK, Australia, Northern, and Western Europe, Latin America, and Singapore. Although NetSuite may serve fewer individual businesses than small business-focused platforms like QuickBooks, NetSuite is typically favored by much larger companies and performs exceptionally well among those with 100+ employees.

That makes NetSuite one of the top cloud-based ERP systems for growing companies, with an attractive customer base for any financial service or fintech provider looking to expand their reach in the SMB market.

That said, integrating with NetSuite is neither quick nor easy. As an ERP system, it’s inherently more complex than other accounting platforms. Its highly customizable system and wide range of differentiated APIs can make the integration process especially challenging. In addition, the NetSuite API documentation and data model can also be complex for development teams to understand, so building a connection in-house often takes a lot of time, effort, and resources to get right.

In this post, Codat’s expert engineers share some first-hand observations from their own NetSuite build, along with actionable tips and strategies to get your integration on the right track.

1. Setting up a NetSuite integration can be more complex than other accounting platforms 🤔

There are a few hoops to jump through to get a NetSuite integration up and running. These include enabling mandatory features and generating an integration record. If you’ve worked with QuickBooks Online or FreshBooks, it’s similar to the process of creating an application.

Specifically, you’ll be required to:

Select an authentication method: You’ll be prompted to choose between auth factors like OAuth 2.0 and token-based authentication.
Select which API you will use: You can integrate through SOAP, REST, or RESTlets.
Create and configure an integration record: You’ll be required to specify which authentication method(s) and scopes you’re using and to enter a valid callback URL for your application.
Obtain client credentials: Once you’ve created an integration record, the system will generate new client credentials (including a consumer key and a consumer secret), which you can use when linking a company.

Codat allows you to skip the final steps with a pre-configured integration record that’s distributed to developers in a larger bundle—NetSuite’s term for a preconfigured set of code, files, configurations, and other components that you can apply in bulk to different accounts. That means, with Codat, you only need to enable the required features and install the appropriate bundle to be ready to link.

2. A NetSuite development account is an excellent resource, but a license can be costly 💸

With NetSuite, development and production accounts are fully isolated, though they contain the same features and functionalities.

Unlike the sandbox environment—which carries a complete copy of your production data—your NetSuite development account doesn’t import any production data or custom configurations. That means you can use it to test new apps and customizations without worrying about how they will impact your live system and active connections. It also means you can let external, third-party partners collaborate on development without putting any sensitive company data at risk.

To make the most of a NetSuite development account, Oracle recommends setting one up at the outset of a new project since you won’t be able to migrate data from your sandbox later.

To set up a NetSuite development account, you must first open an account through Oracle and obtain the proper licensing and permissions. Keep in mind, individual NetSuite accounts can be pricey, and the total cost for an organization—typically around $10,000 upwards—may be prohibitive, depending on your company’s size and resources. The process also introduces some friction for developers who only intend to use a development account for basic end-to-end testing.

Codat helps clients with any required testing with Netsuite to get their integration up and running. Contact our team to learn more.

3. NetSuite is highly customizable—and that’s not always a good thing for developers 🖌️

At Codat, we discovered the hard way that having one or two specific features enabled or disabled for a particular company in NetSuite can break quite a few data types in the integration.

NetSuite also allows you to customize the forms you use to create a record. For example, for different companies, you can remove fields, make them mandatory, and change the field position by adding it to the line level—but this can break some of your data pushes.

4. There are two traditional NetSuite APIs and two flexible integration options 🔗

NetSuite offers two traditional APIs, allowing you to integrate through SOAP and REST. Both provide a set of specific endpoints that expose CRUD operations.

However, the REST API and its endpoints are still in beta, meaning the contents are preliminary and may be changed or discontinued without prior notice. It’s also worth noting that the REST API only offers a top-level view of things. This requires developers to make more queries for every single item, impacting performance and throughput.

To access REST endpoints, you must enable the related feature—but first, you’ll need to submit a formal request and wait for permission from Oracle to participate in their NetSuite Beta Program.

Aside from these two traditional APIs, NetSuite provides more flexible integration options through SuiteQL and SuiteScripts. These are the tools we at Codat use in our own NetSuite integration.

SuiteQL is a query language based on Oracle SQL. It allows you to query the NetSuite data model but only supports read operations.

SuiteScripts is a NetSuite scripting language that allows you to expand on the existing API with custom endpoints. For example, we used SuiteScripts to build our own generic CRUD API, which supports many use cases without requiring additional changes. We currently use it for all our pushes, updates, and deletes.

There are quite a few anomalies to remember regarding how these flexible NetSuite APIs behave. Among other things:

Native paging for SuiteQL only allows you to fetch up to 100,000 records. For Codat, that meant implementing our own custom paging to override the cap for fetches exceeding the limit.
When some features are disabled (e.g., multi-currency), some tables and columns will cease to exist. This can cause some of your queries to fail. At Codat, we had to make our queries dynamic to counteract this possibility.
You need to set or ignore specific fields to prevent pushes from failing. Of course, this will depend on the particular features you have enabled through NetSuite.
NetSuite errors are often unhelpful. For example, a timeout may be surfaced as several different types of errors, including unauthorized errors like 401s.

Wondering whether it’s more cost-effective to build and maintain integrations in-house or outsource the effort to a third-party provider? Our cost to build calculator helps you understand how long it could take and how much it could cost to build the integrations you need from scratch.

5. There is substantial NetSuite API documentation, but it’s difficult to navigate 🗺️

The good news? NetSuite offers an abundance of documentation.

The bad news? Given the length of some of the entries, it can take time to pinpoint relevant information or to find a precise answer to a specific question.

This may be due to deficiencies in the search function, the fact that NetSuite has multiple sources of documentation spread across their site, or the use of original, NetSuite-branded terms that are unique to their platform (for instance, the word “Suite” comes up a lot). Whatever the reason, it can often feel easier to just test against the NetSuite platform directly rather than wading through their docs.

6. You can merge customizations in NetSuite “bundles” to apply them seamlessly across accounts 📦

A NetSuite “bundle” is essentially just a development package. It allows you to group a set of customizations, which you can then distribute and apply in bulk across other accounts.

In Codat’s case, we decided to create a bundle to unify all of our customized endpoints, along with the integration record that allows our clients to link out to different companies. That way, their end-users don’t need to worry about manually installing SuiteScripts or creating an integration record. Instead, it’s all done automatically once the NetSuite bundle is installed.

7. The SuiteApps marketplace can boost your visibility—but getting listed is tough 🚀

SuiteApps are independent applications that integrate with NetSuite and extend the platform to meet different business and industry needs. They’re developed either by Oracle itself or by approved third-party vendors that have joined the SuiteCloud Developer Network (SDN)—NetSuite’s version of an app partner program.

Joining SDN and getting approved as a SuiteApp earns you a listing in the NetSuite marketplace and a “Built for Oracle NetSuite” tag to post on your app—instantly boosting your brand’s presence and credibility among SMBs. However, it’s tricky to be accepted unless you already have thousands of NetSuite users, which can be a high bar for growing apps to meet. SDN membership also comes with an annual fee, which will set you back several thousand dollars.

8. NetSuite OneWorld unlocks global connections and added complexity 🌎

A standard NetSuite account allows companies to manage data for a hierarchy of separate legal entities known as subsidiaries. A NetSuite OneWorld account enables those subsidiaries to be international. When new international subsidiaries are created through NetSuite OneWorld, the country selected determines which NetSuite edition is used.

Each region-specific edition has different features and rules—the most important being the way they handle taxes. For example, a tax rate is required when creating bills for a U.K. subsidiary but not for a U.S. subsidiary.

If you want an effective global NetSuite integration, you need to test against each separate edition to ensure consistency.

Codat abstracts away these details and differences. Our platform automatically builds the rules and standards of different regions (i.e. the UK, the US, and Europe) into your connection and manages them for you.

9. Connecting to an ERP platform like NetSuite requires an understanding of accounting 🔢

While the interfaces of systems like Xero and QuickBooks are designed for the standard developer to understand, ERP systems like NetSuite are much more complex. You’ll need knowledge of how information typically flows in accounting—especially if you want to break the data down to identify and analyze important trends.

Among other elements, working with NetSuite involves navigating specialized concepts like:

Parents and subsidiaries, with intricate settings and hierarchies
Complex tax groups (or tax codes), the specifications of which can vary significantly by region or jurisdiction
Functions, or hundreds of specialized tools and capabilities—from marketing automation to customer management to eCommerce customizations—split across 13 different modules

Functions, in particular, can cause confusion because they’re not pre-defined. That means you can’t easily assume user intention and intuitively map endpoints if the platform is misused—as you can with the liked of Xero and Sage Business Cloud.

How Codat can help

The bottom line? It takes a lot of time, money, and expertise to build and maintain an in-house accounting integration with Oracle NetSuite—even more so than most other accounting platforms.

The following charts should give you an idea of the staffing and resources you’d need to build any successful accounting integration to scale:

Keep in mind, for a complicated ERP like NetSuite, the numbers are likely to fall on the upper end of this spectrum. It can take companies up to six months to build a functional integration.

Building just once to Codat simplifies the process—and reduces the related cost—significantly. All you have to do to connect to NetSuite is enable the integration in your Codat settings.

From there, Codat takes over. Our business data APIs:

Abstracts away the details and complexities of the NetSuite API data model
Standardizes accounting data and categories into one intuitive package
Handles every emerging update and edge case to keep your integration maintained and at peak performance

That’s not just true of NetSuite. It’s true of every major accounting system your SMB customers use. That means you never have to worry about or deal with the details and differences between accounting platforms, so you can build quickly and at your best.

💡 Want to learn more about integrating with the Oracle NetSuite API?

Get in touch with Codat to chat with our engineering team using the form below to get your questions answered.
You can also jump into our docs to review the details of our business data APIs—or check out our complete guide to building best-in-class accounting integrations for your app.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
lpv887333	30 minutes	No description
visitor_id887333	10 years	No description
visitor_id887333-hash	10 years	No description

Cookie	Duration	Description
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_89798244_1	1 minute	Google Analytics cookies are used to collect information about how Visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of Visitors to the site, where Visitors have come to the site from, and the pages they visited.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_hjAbsoluteSessionInProgress	30 minutes	This cookie is used to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	30 minutes	This is set by Hotjar to identify a new user’s first session. It stores a true/false value, indicating whether this was the first time Hotjar saw this user. It is used by Recording filters to identify new user sessions.
_hjid	1 year	This cookie is set by Hotjar. This cookie is set when the customer first lands on a page with the Hotjar script. It is used to persist the random user ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hjIncludedInPageviewSample	2 minutes	This cookie is set to let Hotjar know whether that visitor is included in the data sampling defined by your site's pageview limit.
_hjTLDTest	session	When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
_lfa	2 years	This cookie is set by the provider Leadfeeder. This cookie is used for identifying the IP address of devices visiting the website. The cookie collects information such as IP addresses, time spent on website and page requests for the visits.This collected information is used for retargeting of multiple users routing from the same IP address.
pardot	past	The cookie is set when the visitor is logged in as a Pardot user.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.