Token-Based Authentication – Netsuite

Author: Pankuri Bansal

This blog introduces how NetSuite supports token-based authentication (TBA), a robust, industry standard-based mechanism that increases overall system security. This authentication mechanism enables client applications to use a token to access NetSuite through APIs, eliminating the need for RESTlets or web services integrations to store user credentials.

Setting Up TBA in NetSuite

Follow the below steps to retrieve these details in your Oracle NetSuite account:

• Consumer Key
• Consumer Secret
• Token ID
• Token Secret
• Account ID

Step 1 – Generating Consumer Key/Consumer Secret

Once you have logged in to your NetSuite account, click Setup > Integration > Manage Integrations > New. Specify the integration details and follow these steps:

1. Give the name of the integration and under Authentication, select Token-based Authentication.
2. Click on Save. The Client Credentials are displayed. Copy the Consumer Key/Client ID and Consumer Secret/Client Secret and save them in a document for your reference. You can not access this information once you exit this screen.

Step 2 – Creating a New Role

Click Setup > Users/Roles > Manage Roles > New. Enter the role details and follow these steps:

1. Under Subsidiary Restrictions, select All for Accessible Subsidiaries.
2. Under Authentication, select Web Services Only Role.

3. In the Permissions tab, select and grant Full permission for the following items:

Transactions

Lists

Setup

Once the privileges are created, click Save and proceed.

Step 3 – Assigning the Role to a User

It is recommended that you create a separate user for this purpose instead of assigning the role to an existing user. It helps with better tracking and auditing operations.

1. Click Lists > Employees > New.
2. Enter the employee details and email address.
3. Click the Access tab and select Give Access. You can either send a notification email with a password URL or enable Manually Assign or Change Password and specify a password.

4. Under Roles, select the role that you created in Step 2 from the drop-down list and click Add.

5. Under Global Permissions, select Access Token Management, SOAP Web Services, and Login using Access Token from the drop-down list. Provide Full level permission for these items and click Add.

Step 4 – Creating an Access Token

1. Click Setup > Users/Roles > Access Tokens > New.
2. Select the Application name.
3. Select the User that you created in the previous step.
4. Select the role that you created in Step 2.

5. Click Save. The Token ID / Secret is displayed. Copy the Token ID and Token Secret and save it in a document for your reference. You can not access this information once you exit this screen. It is advised that you save this information in a plain text editor.

Step 5 – Copying Account ID

Click Setup > Company > Company Information > Copy the Account ID.

Step 6 – Adding TBA Details in MuleSoft:

In the Netsuite connector. Click on create a new configuration and Enter the Consumer Key, Consumer Secret, Token ID, Token Secret, and Account ID which we got from the above steps.

Once the privileges are given, click on Test Connection. If the connection is successful then Netsuite is successfully connected with MuleSoft.