Introduction
Origami Lens is a full-stack metadata workbench for NetSuite. Each pane shares the same visual language: a control column on the left, a resizable work surface on the right, and persistent indicators for sync status and theme. Keyboard focus follows whichever view is active in the menu bar.
Getting Started
- Create a context from the top-right "Account ▾" → "Manage" button, "Edit" the seeded context or create a new one.
📹
Also see: NetSuite token setup.
- Sync metadata from the top-right “Metadata ▾” menu to refresh cached objects and summaries.
📹
- Select a slice (O2C, Inventory, etc.) to pre-populate ERD record lists, or type CSV values manually.
📹
NetSuite token setup
origami lens connects to NetSuite using Token Based Authentication (TBA)
and a dedicated integration user.
What you will create
- An integration record in NetSuite
- An access token tied to an integration user and role
Before you start
You must have a NetSuite administrator user to enable features, manage roles,
create integrations, and generate access tokens.
Steps...
Step 1: enable Token Based Authentication
- Navigate to Setup → Company → Enable Features
- Open the SuiteCloud tab
- Enable the following:
- Token Based Authentication
- SuiteAnalytics Workbook or SuiteAnalytics Connect if analytics is used in your account
- Click Save
Step 2: create an integration record
- Go to Setup → Integrations → Manage Integrations → New
- Set the following values:
- Name: origami lens
- State: Enabled
- Authentication: Token Based Authentication
- Click Save
- Copy and store securely:
- Consumer Key
- Consumer Secret
Step 3: create an integration user
Create a dedicated employee record for the integration, for example
Origami Lens Integration User.
- Do not use a personal login
- Grant only the minimum permissions required
- Assign a role created specifically for origami lens
Step 4: create a role for origami lens
- Navigate to Setup → Users/Roles → Manage Roles
- Create a new role or edit an existing one
- Name the role something like origami lens integration role
Required REST and metadata access
- REST Web Services: Full
- User Access Tokens: Full
- Log in using Access Tokens: enabled if present in your account
System notes visibility for full change history
To allow origami lens to view a complete system notes timeline,
the role must include the following permission:
- System Notes for Analytics: View or higher
Without this permission, NetSuite may limit which changes appear in
analytics-driven system notes views.
Step 5: create the access token
- Go to Setup → Users/Roles → Access Tokens → New
- Select:
- Application Name: the origami lens integration record
- User: the integration user
- Role: the origami lens integration role
- Click Save
- Copy and store securely:
Step 6: enter values into origami lens
Enter the following values into the origami lens connection screen:
- Account ID
- Consumer Key
- Consumer Secret
- Token ID
- Token Secret
Treat these credentials as production secrets.
Store them securely and restrict access.
Quick troubleshooting
Token fails immediately
- Confirm Token Based Authentication is enabled
- Confirm the role includes REST Web Services
- Confirm the token was created for the correct user, role, and integration
System notes appear incomplete
- Confirm the role includes System Notes for Analytics
- Confirm the token is using the intended role
Trial & Billing Limits
Limits are pulled from your current billing policy and update automatically.
- Upgrade via the Billing button (Stripe checkout/portal).
- Profile / Org buttons open Clerk for account and organization settings.
ℹ️ Info: Sitewide network protections (rate limits and abuse controls) may throttle bursts to keep the service safe. If you see a 429 Too Many Requests, wait briefly and retry.
ERD Builder 📹
The left pane drives both the Mermaid preview and Dagre graph.
- Expand hops automatically adds referenced records within the provided hop count.
- Show lists toggles the inclusion of
customlist_* objects.
- Refs only (expanded) limits expanded mode to reference fields so diagrams remain focused.
- Include line nodes surfaces line collections as separate nodes; use the Lines toggle inside the Dagre filter bar to hide/show them dynamically.
- Magnify node zooms into the hovered or selected node and becomes a reset toggle.
- Export scope supports Visible vs Full ERD; the Notes toggle adds a notes list to exports.
ERD Builder supports deep linking.
ℹ️ Info: Warm the cache: trigger a single metadata fetch (or run a small ERD once) for the current context so cache files exist; subsequent ERDs should be fast.
Interactive Graph (Dagre)
- Hover to preview fields; click to lock selection and expose the right-hand detail tabs.
- The minimap mirrors your viewport; drag the highlighted rectangle to pan quickly.
- Use Lists / Refs / Lines checkboxes to hide node families, and the search box to center on an entity.
- Creates edges render in maroon (solid for first-degree, dashed for downstream hops). Hovering a node highlights its inbound/outbound flows.
- The Notes button opens contextual annotations that sync with the Metadata view.
- Creates toggle is off by default; enable it to show system-generated create/transform links.
Mermaid Preview
The Mermaid card shows a compact ER diagram suitable for documentation or Precision AI prompts.
- Use the
- / Reset / + controls or a trackpad pinch to zoom.
- "Generate Mermaid" reruns the backend generator; paid plans can copy the Mermaid source.
- Trial accounts hide the Mermaid preview/source to prevent exporting raw diagrams.
- The fullscreen button opens the preview in a modal with independent zoom state.
Metadata Explorer 📹
The Metadata menu exposes two sub-views: Explore and Diff.
- Slices and search filter the left-hand catalog; slice pills behave like the ERD slicer.
- Summary card includes lineage pills that route to related records, plus line collection tabs.
- Notes show up on both the catalog list and Dagre nodes so you can annotate requirements.
- Tables respond to the resizable gutter; drag to allocate more vertical space to the field grid.
- Download package exports your metadata contract as JSON files (ZIP), which you can commit into source control and use with the open-source NetSuite-Developer Codex Skill.
Metadata Explorer supports deep linking.
Metadata Diff
Compare cached metadata versions using the selectors at the top of the Diff page.
- Env A / Env B can be the same or different; versions update based on the selected environment.
- Select versions, run "Diff metadata caches," then jump into per-object field diffs via the "View diff" shortcut.
- Use the modal search filter (Ctrl/Cmd+F still works) to locate specific objects inside large diffs.
System Notes
System notes summarize recent NetSuite changes (default range is Yesterday).
- Row limits apply by plan: trial uses 200 rows, past due uses 50, active uses all.
- Use the filters to narrow by record type, context, or employee before exporting.
⚠️ Warning: Access token needs: 'System Notes for Analytics' permission to view all changes.
SuiteQL Workbench
- Run queries with paging controls (Rows dropdown) and filter/highlight output via the toolbar.
- Use the inline clear button to reset filters, and export to CSV/JSON from the action menu.
Datasets
Datasets mirror the SuiteAnalytics dataset catalog.
- Select a dataset to preview columns and sample rows; use the right gutter to resize the table area.
- “Load dataset” fetches fresh data with pagination, respecting the Rows picker.
Saved Searches
- Load available searches through the MCP connector; Origami normalizes the result columns for sorting/filtering.
- Use the "Run search" button to execute with the current filter values and export via CSV/JSON as needed.
ℹ️ Info: You might not be able to execute all "Public" saved searches due to permission constraints.
⚠️ Warning: This is an experimental feature requiring the MCP connector. Reach out to support if you need help enabling it.
Token is good for an hour.
SuiteAnalytics Reports
- Browse enabled SuiteAnalytics reports, then run a report to display rows with the shared table toolbar.
- The toolbar mirrors SuiteQL/Datasets: inline filters, quick pagination, and export actions.
ℹ️ Info: You might not be able to execute all "Public" saved searches due to permission constraints.
⚠️ Warning: This is an experimental feature requiring the MCP connector. Reach out to support if you need help enabling it.
Token is good for an hour.
Precision AI
Generate narrative insights or SOP drafts using cached metadata and ERD context.
- Parameter inputs (Top P, Top K, Max tokens) are optional; leave blank to use model defaults.
- Paste Mermaid snippets or notes into the prompt box, then run "Send to Precision AI." Token counts appear under the status bar.
- Trial accounts hide the auto-filled schema data field (ERD/Diff) until you upgrade.
CodeEye 📹
CodeEye turns SuiteScript uploads into a deterministic inventory, findings, dependency graph, and diagrams.
- Uploads are never executed. ZIPs are unpacked safely (no symlinks or path traversal).
- Secrets are redacted before analysis artifacts are written.
- Results are delivered as JSON artifacts you can download.
- Diagrams render in the dual-pane viewer with Mermaid text on the right and SVG fallback for large graphs.
- Use the Copy button to reuse Mermaid definitions in docs or tickets.
Workflow: Upload → Analyze → Review Summary → Open Diagrams → (Optional) Run AI Actions.
- Summary Report aggregates files, entry points, integrations, and findings.
- Runs lists prior analyses per tenant/context and supports hard delete for cleanup.
- AI Actions (if enabled) use redacted source only; output is advisory.
ℹ️ Info: Mermaid is available for copy/paste. SVG fallback is used automatically for large graphs.
⚠️ Warning: AI output may be inaccurate. Validate before acting on recommendations.
CodeEye metrics glossary
These definitions describe the deterministic metrics in the CodeEye Summary Report.
Values come from redacted artifacts only; no AI is used to generate metrics.
Overview
| Metric | Definition |
|---|
| Files analyzed | Count of files accepted into the run manifest (JS plus config files that pass validation). |
| Scripts detected | Count of JS files analyzed for SuiteScript logic. |
| SuiteScript versions | Counts of version guesses (1.0, 2.x, unknown) based on annotations and heuristics. |
| Script types | Counts by type guess (ClientScript, Suitelet, Scheduled, Map/Reduce, User Event, RESTlet, Other). |
| Run timestamp | UTC timestamp from the run manifest. |
| Context | The tenant context key associated with the run. |
Structural Complexity
| Metric | Definition |
|---|
| Nodes | Unique module identifiers from the dependency graph. |
| Edges | Number of directed dependency edges. |
| Largest component | Size of the largest connected component in the undirected dependency graph. |
| Circular deps | Count of cycles detected using strongly connected components (SCCs), including self-loops. |
| Shared dependencies | Top modules by fan-in (many inbound edges). Shared utilities or common imports. |
| High blast-radius components | Top modules by fan-out (many outbound edges). Changes can affect many downstream paths. |
Entry Points and Execution Triggers
- Scheduled: scripts with scheduled execution signatures.
- User Event: scripts with beforeLoad/beforeSubmit/afterSubmit hooks.
- RESTlet: scripts exposing RESTlet handlers.
- Client: scripts with client-side entry points (pageInit, saveRecord, validateLine, etc.).
- Map/Reduce: scripts with getInputData/map/reduce/summarize.
- Other: scripts that do not match the above.
Integration Surface
| Metric | Definition |
|---|
| Outbound calls | Count of unique external endpoints detected in code (URL strings). |
| External endpoints | Unique URL list discovered in redacted code. |
| Authentication patterns | Signals inferred from integration indicators or URL contents (HTTPS module, legacy HTTP, SFTP/FTP, email). |
| Integration indicators | Counts of detected integration signals (https_module, legacy_http, file_transfer, email). |
| Integration density | Ratio of scripts with integrations to total scripts: none (0), low (≤ 0.25), medium (≤ 0.6), high (> 0.6). |
Findings Summary
| Category | What it includes |
|---|
| Security | Risky patterns such as eval, new Function, string-based timers, or plain HTTP usage. |
| Governance | Record mutation/search hotspots: record.save, submitRecord, submitFields, search.run, search.runPaged, record.delete. |
| Maintainability | Lint findings not tied to complexity rules. |
| Deprecated usage | Reserved for deprecated API checks; may be empty. |
| Complexity risk | Complexity lint rules plus high complexity metrics (score ≥ 10). |
Severity calculation
- Lint severity: high (2), medium (1), low (0).
- Complexity metrics severity: high (≥ 50), medium (≥ 25), low (≥ 10).
- Security rules: eval/new Function = high; string timers and HTTP = medium; default = low.
- Governance rules: delete_record/submit_record = high; others = medium.
Complexity Metrics Details
| Metric | Definition |
|---|
| Complexity | Count of control-flow keywords in redacted code: if, for, while, switch, catch, function. |
| Comment ratio | Percentage of comment markers (// or /*) per total lines. |
Diagram Index
The diagram index lists rendered diagrams for the run with node and edge counts. Render types may be Mermaid (client-side) or SVG (server-side fallback).
Notes and Context Sharing
Notes are stored per record and synchronized between Dagre and Metadata views. The yellow badge appears anywhere a note exists, and the ✎ button opens the modal editor.
Deep Linking
You can open specific Entity Relationship Diagram (ERD) views and metadata
screens in Origami Lens directly from your documentation, emails, or chat
messages by using deep links.
Examples
-
Single object ERD view
/lens/erd?object=customer
Open ERD for customer
-
Multiple object ERD view
/lens/erd?object=customer,account
Open ERD for customer and account
-
Slice ERD view
/lens/erd?slice=o2c
Open order to cash slice
Slice keys and labels
| Slice key | Label name |
|---|
o2c | Order to Cash |
p2p | Procure to Pay |
core | Core Finance |
revrec | Revenue Recognition |
fixedAssets | Fixed Assets |
suiteBilling | SuiteBilling |
projects | Projects & Time |
manufacturing | Manufacturing |
inventory | Inventory |
vendorMgmt | Vendor Management |
people | People & HR |
crm | CRM |
tax | Tax & Compliance |
banking | Banking |
commerce | E Commerce |
-
Metadata view for a record type
/lens/metadata?recordType=invoice
Open invoice metadata
These pages might take ~5 seconds to load.
Keyboard Shortcuts
Global keyboard shortcuts:
- Esc: closes the Change Password and Manage Context overlays
- Ctrl+Enter: triggers each view’s primary action (Compare, System Notes Run, Generate ERD, Precision AI Run, SuiteQL Run, SoD Run All) based on the current view.
Contact, Feedback and Disclosures
Need help beyond these docs?
Notice: NetSuite is a registered trademark of Oracle Corporation and/or its affiliates.
