Token-Based Authentication in NetSuite
NetSuite permits you to use token-based authentication instead of using the traditional
username and password credentials. Using token-based authentication eliminates the need to
have to reset the password for your integration user when user passwords expire (based upon
the password policy rules defined in NetSuite).
In order to use token-based authentication, you must:
- Use the Vertify NetSuite Connector v1.5.35-Token-Based or higher (i.e., token-based profile).
- Enable token-based authentication in NetSuite Features.
- Setup an integration record in NetSuite with token-based authentication enabled.
- Setup an integration role for the integration user (with the 'Web Services' and the 'Log in
using access tokens' permissions, along with any other permissions needed).
- Assign the role to the integration user.
- Create an access token for the integration user using the integration role.
- Capture token and secret keys for both the integration record and the access token to be
entered into Vertify.
The following sections assume that your are logged into NetSuite as an administrator using the
“Classic Center” (the default for the native Administrator role).
Step 1: Enable Token-Based Authentication in NetSuite
- Go to Setup > Company > Enable Features.
- On the SuiteCloud tab, locate the Manage Authentication section and check the box to enable Token-Based Authentication.
- The terms and conditions will appear in a new window - scroll down to the bottom and choose I Agree.
- Scroll to the top and click Save to enable the feature.
Step 2: Set up Integration Record in NetSuite
- Go to Setup > Integration > Manage Integrations > New.
- Enter the name to give the Integration record (i.e., 'Vertify Integration').
- On the Authentication sub-tab, check Token-Based Authentication.
- Click Save.
VERY IMPORTANT: Once you click save, the 'Consumer Key' and 'Consumer Secret' will appear under the Authentication tab this one time. Highlight them with your mouse and copy/paste into a safe location (i.e., Word, Notepad) - in a later step, you will use them in Vertify. When you navigate away from this webpage, they will disappear and they cannot be retrieved. You will have to reset and generate a brand new set of values. This integration record will also hold the Application ID if needed.
Step 3: Setup Integration Role in NetSuite
If you have already installed the NetSuite Bundle: Vertify Marketo Integration, a role for the Vertify Integration User already exists called Vertify Marketo Integration. You can use this role as-is or customize it to add additional permissions.
The steps below are to create a new role from scratch:
- Go to Setup > Users/Roles> Manage Roles.
- Find the Sales Administrator standard role (you may have to click the Show Inactives checkbox at the top to find it).
- Click the Customize link next to the Sales Administrator role.
- IMPORTANT: Always start with a standard role and customize it. Standard roles in NetSuite have some native permissions that CANNOT be assigned to a custom role.
- Under Permissions, make sure that the following permissions are selected. You may add any additional permissions under each section as necessary:
- Find Transaction (Full)
- Perform Search (View)
- CRM Lists (View)
- Custom Body Fields (View)
- Custom Column Fields (View)
- Custom Entity Fields (View)
- Custom Entry Forms (View)
- Custom Event Fields (View)
- Custom Fields (View)
- Custom Lists (View)
- Custom Record Types (View)
- Custom Subtabs (View)
- Custom Transaction Fields (View)
- Custom Transaction Forms (View)
- Log in using Access Tokens (Full)
- Web Services (Full)
- Custom Record
- Click 'Save' to save the new role.
- Your Edited user will now have the term 'Custom' attached to the name (ex: Custom Sales Administrator).
Step 4: Assign Integration Role to Integration User in NetSuite
- Go to Lists > Employees > Employees.
- Find the employee record you want to use for token-based authentication.
- If the record does not yet exist, click New to add a new employee record.
- NOTE: If the integration will be modifying data in NetSuite, it is strongly recommended that a separate employee record be created for the integration user (for auditing purposes).
- Make sure all required fields, including an email address, are entered.
- On the 'Access' sub-tab, make sure Give Access is checked.
- Enter a password and in the confirm password field (if the employee does not already have access).
- NOTE: NetSuite requires you to enter a password to grant access to a user. This password will only be used to access the NetSuite UI through a browser - it's not used for token-based authentication through Vertify.
- Under Role, choose the integration role you created and click Add.
- Scroll to the top and click Save.
Step 5: Create the Access Token in NetSuite
- Go to Setup > Users/Roles > Access Tokens > New
- Enter the following:
- Application Name: name of the integration record created.
- User: employee record assigned to the integration role.
- Role: integration role to use for token-based authentication.
- Token Name: auto-generated using the values selected. You can use the default token name or provide an alternative token name if desired.
- Click Save.
VERY IMPORTANT: Once you click save, the Token Key and Token Secret will appear under the Authentication tab this one time. Highlight them with your mouse and copy/paste into a safe location (i.e., Word, Notepad) - in a later step, you will use them in Vertify. When you navigate away from this webpage, they will disappear and they cannot be retrieved. You will have to reset and generate a brand new set of values.
Step 6: Connecting Vertify to NetSuite using Token-Based Authentication
- Navigate to the desired workspace, and then go to the Define section.
- Click Connect.
- If it's a brand new system, follow these steps:
- Press the New System button to create a new system.
- Next, choose NetSuite as the remote system.
- Find the most recent connector version from the dropdown list.
- Enter the credentials.
- Note that the Consumer Key and Consumer Secret have their own respective login parameters.
- Enter the Token ID in the Username field and the Token Secret in the Password field and confirm password fields.
- Press Save.
- Test and confirm clean operation. If a live integration, return schedules to normal operation after testing.