Our previous blog, which provided a complete setup guide for the NetSuite AI connector, explained in detail how to set up the NetSuite AI Connector and connect it with Claude AI. If you haven’t installed the MCP Tools SuiteApp or completed the necessary configurations, roles, and permissions in NetSuite, we recommend reviewing that article before proceeding with this guide.
In this article, we’ll focus on how to connect the NetSuite AI Connector with Postman. This connection allows you to:
- List available MCP (Model Context Protocol) tools deployed in your NetSuite account.
- Call and test tools directly from Postman without writing any custom code.
By the end, you’ll be able to authenticate with NetSuite, fetch available tools, and start making test requests via Postman.
Prerequisites
Make sure you have the following before starting:
- Postman Desktop app installed
Server URL and SuiteApp Namespacing
To establish a connection, you need a NetSuite AI Connector Service URL. This URL is unique to your NetSuite account and should be provided by your Administrator.
Depending on your use case, use one of the following formats:
1. All Tools in Account (SuiteApps + ACPs)
https://{{account_id}}.suitetalk.api.netsuite.com/services/mcp/v1/all
Example:
https://tstdrv1234567.suitetalk.api.netsuite.com/services/mcp/v1/all
This returns all available custom tools deployed in your account (from both SuiteApps and Account Customization Projects (ACPs)).
2. Tools from a Specific SuiteApp Only
https://{{account_id}}.suitetalk.api.netsuite.com/services/mcp/v1/suiteapp/<applicationid>
Where <applicationid> follows the format:
<publisherid>.<projectid>
Example:
https://tstdrv1234567.suitetalk.api.netsuite.com/services/mcp/v1/suiteapp/com.netsuite.mcptools
This returns only the MCP tools exposed by that specific SuiteApp.
This flexibility allows you to either:
- Fetch all tools in your account (ideal for discovery & testing), or
- Fetch tools from a specific SuiteApp (useful for scoped integrations).
To see a practical example of a custom MCP tool built and deployed as a SuiteApp, check out our detailed blog on building and deploying custom tools in NetSuite.
NetSuite AI Connector Service-Specific Integration Record
When you perform the first authentication flow (for example, using the Sample MCP Tools SuiteApp in Claude, ChatGPT, or Postman), NetSuite automatically creates an integration record in your account. The integration record only appears once the first connection is successfully established. This record manages the authentication and authorization between NetSuite and external clients.
Location
You can view this record by navigating to:
Setup > Integration > Manage Integrations
Only users with the Administrator role (or roles with appropriate integration permissions) can access and manage this record.
Key Characteristics
Unlike standard integration records, the NetSuite AI Connector integration record has the following pre-configured characteristics:
- Pre-Populated Name: The integration record automatically includes a name identifying it as the NetSuite AI Connector. If you connect using Claude, its name will be Claude AI, and for ChatGPT, its name will be ChatGPT.
- Public Client Enabled: The Public Client box is checked by default. This ensures the integration uses a public client setup suitable for OAuth 2.0 with PKCE (Proof Key for Code Exchange).
- Redirect URI Configured: The Redirect URI field is automatically populated, matching the callback URL required for authentication flows.
- Authorization Code Grant Checked: The record is pre-configured to use the Authorization Code Grant flow, ensuring secure token exchange during OAuth.
- MCP Scope Enabled: The NetSuite AI Connector Service (MCP scope) is enabled by default, allowing the integration to access AI Connector APIs.
- Editable State and Concurrency Limit:
- You can disable the integration at any time by updating the State field.
- The Concurrency Limit field is editable.
- Token Expiry Settings:
- Access Token Expiry → Defines how long an issued access token remains valid before it must be refreshed.
- Refresh Token Expiry → Defines how long the refresh token itself remains valid. Once it expires, a new authorization flow is required.
Important Note on Auto-Installed Integration Records
The behaviour of automatic creation of the integration record in NetSuite depends on the preference Require Approval During Auto-installation of Integration in SOAP Web Services Preferences:
- If the box is unchecked → the integration record is installed automatically when the access token is granted.
- If the box is checked → the integration record will not auto-install. To resolve this issue, clear the checkbox in SOAP Web Services Preferences.
If an access token was already granted before clearing the box, you’ll need to enable the record manually:
- Go to Setup > Integration > Manage Integrations.
- Click the name of the corresponding integration record.
- Change the State field value to Enabled.
Reference: Oracle Docs – Managing Integration Records.
Integration Record created using Claude AI Redirect URI.
Integration Record created using ChatGPT Redirect URI
Step 1: Open Postman and Create a New Request
- Launch Postman Desktop.
- Create a New Request inside a collection.
- Set the Request Method to POST.
- Enter the following URL (replace {{account_id}} with your NetSuite Account ID, e.g., 123456_SB1):
https://{{account_id}}.suitetalk.api.netsuite.com/services/mcp/v1/all
Step 2: Configure Authorization
Next, we need to configure OAuth 2.0 authentication in Postman so that NetSuite authorizes requests.
- Go to the Authorization tab in your request.
- Set Auth Type to OAuth 2.0.
- Under Add authorization data to, choose Request Headers.
Step 3: Configure New Token in Postman
Basic Token Details
- Token Name: MCP Token (any descriptive name)
- Grant Type: Authorization Code (With PKCE)
- Callback URL:
- For Claude AI → https://claude.ai/api/mcp/auth_callback
- For ChatGPT → https://chatgpt.com/connector_platform_oauth_redirect
- Uncheck → “Authorize using browser”
(Because we need to provide a custom callback URL manually.)
If you check the “Authorize using browser” option, Postman will always use its default callback URL:
https://oauth.pstmn.io/v1/callback
What happens in this case?
- If the redirect URI in your NetSuite Integration Record does not match Postman’s default callback, the flow will fail with an “Invalid Login attempt” error.
- To make it work, the redirect URI in the Integration Record must exactly match the one Postman is using.
Using a custom integration record in NetSuite:
- You can create your own custom Integration record in NetSuite, check the NetSuite AI Connector Service, and set the redirect URI to https://oauth.pstmn.io/v1/callback.
- Then, use the Client ID from this integration record in Postman.
- In this setup, the access and refresh tokens will be fetched successfully, since the redirect URI matches on both sides.
Reference: For detailed steps on how to create Integration Records for applications to use OAuth 2.0, see the official Oracle NetSuite documentation: Create Integration Records for Applications to Use OAuth 2.0.
Authentication URLs
Auth URL:
https://{{account_id}}.app.netsuite.com/app/login/oauth2/authorize.nl
Access Token URL:
https://{{account_id}}.suitetalk.api.netsuite.com/services/rest/auth/oauth2/v1/token
Client & Security Parameters
- Client ID:
For Claude AI → 82f37ec8cf43b684fdd72405c89a3aac258760addff3693d00e5c6f04750cb36
For ChatGPT → 8bd36ddaa4045648f4222c787e335541411c40663e2c4005c553c9c89f71d148
- Client Secret: Leave empty. These integrations are configured as Public Clients, which do not require a client secret. Public Clients — such as mobile apps, desktop clients, or web applications — cannot securely store a secret in the frontend. Instead, they use the OAuth 2.0 PKCE (Proof Key for Code Exchange) flow for secure authentication without a client secret.
- Code Challenge Method: SHA-256
- Scope: mcp (grants access to MCP tools. It is required and its value can not be changed)
- State: {{$guid}} (auto-generated unique identifier in Postman. You can also provide some unique identifier every time if you want to.)
- Client Authentication: Send as Basic Auth header
Step 4: Advanced Token Settings
In the Advanced tab, configure additional request parameters:
- Auth Request:
- Key: response_type → Value: code
- Key: response_type → Value: code
- Token Request:
- Key: grant_type → Value: authorization_code
- Send In: Request Body
- Refresh Request:
- Key: grant_type → Value: refresh_token
- Send In: Request Body
Reference: Oracle’s documentation provides the complete sequence of requests for this flow. In particular, Step 1 and Step 2 outline the required hardcoded parameters that must be passed during the Authorization Request and Token Request: OAuth 2.0 Authorization Code Grant Flow
Step 5: Request and Save Token
Click “Get New Access Token.” Postman will now initiate the OAuth 2.0 Authorization flow.
Tip: If you want to log in with a different set of credentials (e.g., switching from sandbox to production, or testing another role), click the Clear Cookies button in the Postman authorization window before starting the flow. This ensures that any active NetSuite session is cleared, and you get a fresh login prompt.
Consent and Login Flow:
- If there is no active NetSuite session, you will first be redirected to the NetSuite login page. Enter your credentials.
- After login, you will be prompted to select a role. Make sure you choose a role that has the NetSuite AI Connector-specific permissions.
Authorization Screen:
- If the application has not been authorized previously, you will see a consent screen. Here, you must click Allow to grant access.
- If the application was previously authorized, you may see a ‘Continue’ button instead of ‘Allow’. Clicking it will reuse the authorization.
Interrupt Options:
- At the consent screen, you also have options:
- Deny → stops the flow if you do not want to grant access.
- Go Back → cancels the authorization and returns you to the previous step.
Access Token Retrieval:
- Once you click Allow (or Continue), Postman fetches the Access/Refresh Token from the POST token endpoint we configured earlier and displays it in a pop-up window.
About the Prompt Parameter
NetSuite provides a prompt parameter in the OAuth 2.0 Auth Request to control when the login or consent screen appears. For example:
- prompt=login → Forces the login screen even if an active session exists.
- prompt=consent → Always shows the consent screen.
- prompt=none → Skips both if already authorized.
References:
Important Note: According to Oracle’s documentation, all options that include the Never Ask policy are unavailable for the MCP scope. This means that MCP-based integrations (Claude, ChatGPT, Postman, etc.) cannot bypass consent entirely; the user must always grant access during the flow.
Click Use Token to attach it automatically to your request in Postman.
Once the token is applied, you can view additional details under the Current Token section in Postman, including:
- Token Expiry Time → Typically set to 1 hour by NetSuite for access tokens.
- Refresh Token Option → A “Refresh Token” link will appear, which lets you request a new access token without going through the full authorization flow again (as long as the refresh token is still valid).
Step 6: Send a Request to NetSuite AI Connector To List All Tools Deployed in the Account
Now that you’re authenticated, send a POST request to list all available tools:
URL: https://{{account_id}}.suitetalk.api.netsuite.com/services/mcp/v1/all
Body:
{
"jsonrpc": "2.0",
"id": "{{$guid}}",
"method": "tools/list"
}
Field Descriptions:
- jsonrpc → Defines the protocol version. Always set to “2.0” when working with MCP APIs.
- ID → A unique identifier for the request. Using {{$guid}} in Postman generates a new GUID automatically, ensuring uniqueness.
- Method → Specifies which MCP method to call.
- Tools/list returns a list of all available MCP tools deployed in your NetSuite account (SuiteApps + ACPs).
Response:
You should receive a JSON response listing all available MCP tools deployed in your NetSuite account.
Step 7: Send a Request to NetSuite AI Connector To List All Tools from a Specific SuiteApp Only
Now that you’re authenticated, send a POST request to list tools for a SuiteApp:
URL: https://{{account_id}}.suitetalk.api.netsuite.com/services/mcp/v1/suiteapp/com.netsuite.mcpstandardtools
Response:
You should receive a JSON response listing all available MCP tools for the SuiteApp to which you are connected. For example:
- MCP Sample Tools (com.netsuite.mcptools) → exposes 13 tools
- MCP Standard Tools (com.netsuite.mcpstandardtools) → exposes 9 tools
Step 8: Call a Specific Tool
Once you have a list of tools, you can test specific ones by sending POST requests to their respective endpoints with required payloads. This allows you to validate integrations before embedding them into AI workflows. Below are a few examples:
Example 1: Create a Customer.
URL: https://tstdrv1234567.suitetalk.api.netsuite.com/services/mcp/v1/suiteapp/com.netsuite.mcpstandardtools
Body:
For the MCP Standard Tools, data in the body should be a stringified JSON object.
{
"jsonrpc": "2.0",
"id": "{{$guid}}",
"method": "tools/call",
"params": {
"name": "ns_createRecord",
"arguments": {
"recordType": "customer",
"data": "{\"subsidiary\": 20, \"isperson\": false, \"companyname\": \"Folio3 Test Customer\", \"email\": \"[email protected]\" }"
}
}
}
Response:
This will create a new customer in your account.
Example 2: Run a SuiteQL Query (Query Tool)
URL: https://{{account_id}}.suitetalk.api.netsuite.com/services/mcp/v1/all
Body:
{
"jsonrpc": "2.0",
"id": "{{$guid}}",
"method": "tools/call",
"params": {
"name": "runCustomSuiteQL",
"arguments": {
"sqlQuery": "SELECT id, entityid, datecreated FROM customer where isperson = 'F' AND companyname LIKE '%Folio3%' ORDER BY datecreated DESC FETCH FIRST 5 ROWS ONLY"
}
}
}
Response:
This will return the first 5 customers from your account that match the company type and have a company name containing ‘Folio3’
Example 3: Retrieve Sales Orders
URL: https://{{account_id}}.suitetalk.api.netsuite.com/services/mcp/v1/all
Body:
{
"jsonrpc": "2.0",
"id": "{{$guid}}",
"method": "tools/call",
"params": {
"name": "getSalesOrderWithFilters",
"arguments": {
"customerId": "44247"
}
}
}
Response:
This will return the Sales Orders for the customer with ID 44247.
Important: MCP Sample Tools SuiteApp Removed
NetSuite previously provided the MCP Sample Tools SuiteApp in the SuiteApp Marketplace, which exposed 13 ready-to-use tools for testing.
According to Oracle’s documentation (AI Connector – MCP Sample Tools SuiteApp), this SuiteApp has now been removed from the Marketplace and is no longer available for new installations.
- If you already have the Sample Tools SuiteApp installed in your account, it will continue to work.
- If not, you can still access the tools — they are available in the MCP-Sample-Tools directory of the SuiteCloud Project Repository on Oracle’s GitHub. These tools must be deployed manually into your account.
- Alternatively, you can build and deploy your own custom tools or use those created by other developers.
This change doesn’t affect how Postman, Claude, or ChatGPT connect to the NetSuite AI Connector — it only impacts the availability of prebuilt sample tools.
Conclusion
You’ve now successfully connected the NetSuite AI Connector with Postman using both Claude AI and ChatGPT.
This setup empowers you to:
- Quickly test MCP-based integrations.
- Explore all available NetSuite tools.
- Validate API calls before embedding them into integrations.
By leveraging Postman, you can safely experiment in sandbox or production environments without writing any custom code.
Related Reading
If you missed the setup steps, check out our first article: A Complete Setup Guide for NetSuite AI Connector (covers installing the SuiteApp, roles, and permissions) and connect with Claude AI.
If you want to go further and build your own custom MCP tools to deploy as a SuiteApp, see our detailed blog: Building and Deploying Custom Tools in NetSuite.
