1. Security
  2. Security Features
  3. Configuring and Using OpenAir Integrations and Add-on Services
  4. NetSuite Connector — Security Considerations

NetSuite Connector — Security Considerations

Refer to NetSuite Integration for more information about configuring and using OpenAir NetSuite Connector.

OpenAir NetSuite Connector provides a seamless data flow between OpenAir and NetSuite. Contact OpenAir Customer Support to enable the integration and NetSuite. Contact OpenAir Professional Services to request the configuration of your account for the integration and to obtain detailed instruction for, and assistance with, its implementation.

OpenAir uses the industry standard Transport Layer Security (TLS) protocol to encrypt communication between OpenAir and NetSuite, and to ensure the security of the data transferred.

This section outlines the following security-related configuration settings:

Authentication

OpenAir must connect to your NetSuite account to enable the integration. Two authentication methods are supported:

  • Authentication using a custom role in NetSuite — NetSuite’s Two-Factor Authentication feature is not compatible with SuiteTalk (Web Services) or SuiteAnalytics Connect. To use Web Services or SuiteAnalytics Connect, you must be signed in with a role which does not require Two-Factor Authentication. This requires you to create new user account with a custom role created specifically for the integration.

    Refer to Creating a Custom Role for the Integration in NetSuite in the NetSuite Integration for instructions.

  • Token-Based Authentication — Token-based authentication (TBA) is now the only supported authentication method for the OpenAir <> NetSuite integration. TBA’s request-level signatures enhances security and TBA lets you use your Two-Factor Authentication role in NetSuite for the integration.

    Refer to Creating and Assigning an Access Token for the Integration in the NetSuite Integration for more information.

Role Permissions in OpenAir

Account administrators can assign role permissions for the OpenAir NetSuite integration to ensure employees have the required privileges to accomplish their tasks. See Roles Overview.

The following role permissions are available once the OpenAir NetSuite integration is enabled:

  • View the NetSuite integration

  • View and run the NetSuite integration

  • View and edit the NetSuite integration settings

  • Allow employee to export invoices to NetSuite

  • Allow employee to export Expense reports to NetSuite

  • Allow employee to export project data to NetSuite

  • Allow employee to export timesheets to NetSuite

  • Allow employee to export recognition transactions to NetSuite

  • Allow employee to export purchase requests to NetSuite

  • Allow employee to view last NetSuite error on expense reports

  • Allow employee to view last NetSuite error on invoices

  • Allow employee to view last NetSuite error on timesheets

NetSuite Connector Administration Form Access and Safeguard

Designated account administrators can control NetSuite Connector administration settings. Effective April 10, 2021 the NetSuite Connector administration form is self-service, instead of controlled by OpenAir Customer Support. Account administrators with the relevant user privilege can save changes to the NetSuite Connector administration form without a password.

To let an account administrator edit settings on the NetSuite Connector administration form:

  1. Contact OpenAir Customer Support and request the NetSuite Connector Administration Form Editor Permission optional feature.

  2. In OpenAir, go to Administration > Global settings > Users > [Select an employee] > Demographic.

  3. Check the View and edit NetSuite Connector administration form box under the Optional features section. This employee demographic setting is only available if the employee is an account administrator or has the “View and edit integration settings” role permission.

  4. Click Save.

Important:

Make sure you read the documentation and consider changes carefully before you save the NetSuite Connector administration form. The integration may stop working, or may not work as expected and cause data corruption if configured incorrectly.

An optional feature disables the Save button if there are any active scheduled or real-time integrations configured for your account. This forces authorized account administrators to deactivate all scheduled and real-time integrations before they can make any changes to the NetSuite Connector administration form. To add this additional level of protection, contact OpenAir Customer Support and ask for the following feature: Prevent Saving NetSuite Connector Administration Form if Workflows are Scheduled or Set for Real-Time Integration.

Logging

The OpenAir NetSuite Connector Status Screen lets administrators see the status of any OpenAir + NetSuite integration runs at a glance, including performance statistics.

The OpenAir NetSuite Connector Settings History lets administrators see the history of integration configuration changes, including information about what changes were made, when, and by whom.