Configure OAuth 1.0a credentials in NetSuite (Integration record + Access Token); collect the account ID, consumer key/secret, and token key/secret.
Construct the base URL using your account ID: https://{accountId}.suitetalk.api.netsuite.com/services/rest/record/v1/{recordType}.
Sign the HTTP request using OAuth 1.0a signature method (HMAC-SHA256); include the Authorization header with oauth_consumer_key, oauth_token, oauth_signature_method, oauth_timestamp, oauth_nonce, and oauth_signature.
POST the record body as JSON; for example, to create a vendor bill, include entity (vendor internal ID), tranDate, and itemList or expenseList arrays.
Parse the 204 response; the Location header contains the URL of the newly created record, from which you can extract the internal ID.
To read the record back, issue a GET to the URL from the Location header.
Known gotchas
NetSuite account IDs use underscores in the REST URL format (e.g., 1234567_SB1 for sandbox); using hyphens or the wrong format causes DNS resolution failure.
OAuth 1.0a timestamp must be within a few minutes of NetSuite server time; clock skew causes authentication failures.
Many NetSuite record fields accept internal IDs rather than names; use the metadata endpoint or Schema Browser to discover the correct field names and value types.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp