Setting a Role as Single Sign-On Only Role

If the role is designed to be used by users accessing NetSuite through OIDC single sign-on, check the Single Sign-On Only box to allow NetSuite account access only through OIDC single sign-on.

Note:

You don't have to check the box if you want to use SAML single sign-on, because it's single sign-on only by default.

This setting prohibits a user from accessing NetSuite through web services or the user interface without going through OIDC single sign-on. This type of role supports strict control of credentials from the external application.

Important:

You can't use NetSuite for Outlook with a Single Sign-on Only role.

Related Topics

• Customizing or Creating NetSuite Roles
• Customizing and Creating Roles
• Assigning Core Administration Permissions
• Administrator - No HR/Employee Access SuiteApp
• Restricting Role Access to Accounting Books
• Restricting Role Access to Subsidiaries (OneWorld Only)
• Setting Employee Restrictions
• Setting Department, Class, and Location Restrictions
• Setting a Role as Issue Role for Issue Management
• Setting a Role as Web Services Only Role
• Restricting a Role by Device ID
• Restricting a Role by IP Address
• Setting Two-Factor Authentication Requirements
• Setting Permissions
• Setting Default and Restricted Forms
• Setting Search Defaults for a Role
• Setting Role-Based Preferences
• Translating Custom Role Names
• Selecting a Dashboard for a Role

General Notices