August 23, 2019
NetSuite provides a number of authentication types supported. For signing in to a NetSuite account in browser, it supports User Credentials authentication, Two-Factor Authentication, Google OpenID Single Sign-on, SAML 2.0, etc.
For API access it supports User Credentials (Basic) authentication and Token-based authentication. The latter is now a recommended way to integrate applications with NetSuite.
First, Skyvia supported only Basic authentication for NetSuite. This authentication requires the following connection parameters:
We will describe how to get these parameters below.
In NetSuite 2018.2, NetSuite started enforcing two-factor authentication for highly privileged roles. For roles with two-factor authentication, basic API authentication is not supported. Users with such roles must use Two-Factor authentication.
In order to help users with such roles in NetSuite to integrate their data via Skyvia, we have supported Two-Factor authentication connections in Skyvia. You can select the authentication kind to use — Basic or Token-Based - via the Authentication parameter.
Token-Based authentication requires another set of parameters:
To connect to NetSuite using Token-Based authentication, first we need to make sure that this authentication is enabled in NetSuite.
In your NetSuite account, point to Setup, then to Company, then click Enable Features.
Then click Suite Cloud.
Finally, in the Manage Authentication group, make sure that the Token-based Authentication check box is selected.
Besides, enabling token-based authentication in NetSuite, you will need the NetSuite user to have a role with privileges that are required for token-based authentication. These are at least the "Web Services" and "User Access Tokens" privileges.
Your Account Id can be obtained in NetSuite Web Services Preferences. To open them, sign in to your NetSuite account. Then point to Setup, then to Integrations, and then click Web Services Preferences.
Under Primary Information, you will see your Account ID.
The user can get Consumer Key and Consumer Secret when creating an integration record in NetSuite. Token-Based authentication must be enabled for this integration record. They are displayed only once, when the integration record is created, so it's better to copy them to some text file and save for future use.
Point to Setup, then to Integrations, then Manage Integrations, and then click New.
On the opened page enter the Name for the application, for example, Skyvia.
After we have an integration record with Token-Based authentication enabled, we can generate an Access Token for a connection in Skyvia.
In your NetSuite account, point to Setup, then to Users/Roles, then Access Tokens, and then click New.
Select the Integration record, User, and Role created on the previous steps.
From the confirmation screen, copy the generated Token ID and Token Secret. Note that Token ID and Token Secret are displayed only once on this page. If you need them again, you will have to re-generate them, which make the old ones to stop working.
Currently Token-Based authentication is the recommended way to connect to NetSuite, and is the only way to connect via API for users with highly privileged roles. However, if you still need to use basic authentication to connect to NetSuite, you will need NetSuite Account ID and Application ID.
NetSuite Account ID is obtained in the same way as described above for Token-Based Authentication. As for Application ID, you need to create an integration record in NetSuite for it. Unlike when creating an integration record for Token-Based Authentication, the Token Based Authentication check box must be NOT selected for Basic authentication.
Point to Setup, then to Integrations, then Manage Integrations, and then click New.
On the opened page enter the Name for the application, for example, Skyvia.
Comments