With the release of NetSuite 2025.1, a long-awaited feature is finally here: native support for Pretty Good Privacy (PGP) encryption and decryption via the new N/pgp module. This enhancement simplifies secure data exchanges within NetSuite and eliminates the need for third-party middleware, reducing costs and streamlining system architecture.
In today’s interconnected environments - especially those involving sensitive customer, financial, or proprietary data - encryption is no longer optional. From APIs to third-party integrations, businesses must ensure that data in transit is protected against interception and tampering.
PGP is a trusted, standards-based approach to securing data. It uses asymmetric encryption, allowing one key to encrypt and a different (private) key to decrypt - ensuring both confidentiality and authenticity. Before 2025.1, NetSuite developers had to rely on external iPaaS platforms like Boomi, Celigo, or Workato to integrate this level of security. Now, that functionality lives natively in NetSuite.
NetSuite’s N/pgp module provides secure methods to encrypt messages using public/private key pairs stored in NetSuite’s API Secrets record. These secrets are securely managed and accessed via script IDs.
The function below retrieves encryption keys and uses them to encrypt a message and apply a digital signature. If the private key is passphrase-protected, a securely stored passphrase is also retrieved.
This process results in an armored, ASCII-formatted output—ideal for transmitting across systems while maintaining security and traceability.
Decrypting messages is equally straightforward. The code below demonstrates how the N/pgp module retrieves the appropriate decryption keys, parses the encrypted message, and verifies its signature before returning the plaintext.
This pattern ensures message integrity while leveraging centralized, auditable key storage through the Secrets record.
While the new N/pgp module is a powerful step forward, developers should be aware of its constraints:
These limitations mean careful architectural planning is still required. But for many use cases, native PGP support will significantly reduce friction and improve the security posture of NetSuite implementations.
As NetSuite continues to evolve, its embrace of native security tooling shows a deeper commitment to supporting enterprise-grade requirements. The N/pgp module offers an immediate win for teams who previously had to engineer workarounds to handle encrypted data securely.
Whether you're syncing sensitive customer records or exchanging financial information with third parties, native PGP support empowers developers to keep security in-house - closer to the business logic and easier to manage.
In short: fewer tools, stronger integrations, and more secure workflows.