Setting Available Without Login
You can allow Suitelet scripts to be executed without a login. Select the Available Without Login box on the Script Deployment page to allow users without an active NetSuite session to have access to the Suitelet.
Suitelets configured as available without login should not be used in integration use cases, including SDN partner SuiteApps. Suitelets configured as available without login are a violation of Built for NetSuite (BFN) standards.
To ensure that all users can access the Suitelet with or without login, check the All Roles box and clear all values from the Departments, Groups, Employees, and Partners fields under the Audience subtab on the Script Deployment page. When you select Available Without Login and save the Script Deployment record, an External URL field is displayed on the Script Deployment page. Use this URL for Suitelets you want to make available to users who do not have an active NetSuite session.
The Available Without Login box is available on the Script Deployment page for Suitelets only.
The Website feature must be enabled for Clients Scripts to work in externally available Suitelets.
If you need to perform Outbound HTTPs calls in an unauthenticated client-side context, you must do so inside a Suitelet available without login and call that Suitelet using N/https#requestSuitelet() instead of calling one of the prohibited functions directly. See: Outbound HTTPs in an unauthenticated client-side context.
The following are some uses cases when you might want to make a Suitelet externally available (however, when considering these use cases, keep in mind that using Suitelets externally without login is forbidden in BFN):
-
Hosting one-off online forms (for example, capturing partner conference registrations).
-
Inbound partner communication (such as, listening for payment notification responses from PayPal or Google checkout, or for generating an unsubscribe request from email campaigns page, which requires access to account information but should not require a login or hosted website).
-
For Facebook, Google, and Yahoo mashups in which the Suitelet lives in those websites but needs to communicate to NetSuite using POST requests.
Be aware that the data contained within the Suitelet will be less secure when it is allowed to be accessed (using Suitelet execution) without login.
Errors Related to the Available Without Login URL
Based on the use case for your Suitelet, you will use either the internal URL or the external URL as the launching point for the Suitelet.
Some of the factors determining whether the Suitelet will deploy successfully are the dependencies between the type of URL you are referencing (internal or external), the Suitelet deployment status (Testing or Released), and whether the Select All Roles box has been selected on the Audience subtab of the Script Deployment page. The following table summarizes these dependencies.
If specific roles, employees, departments, partners, or groups are selected on the Audience subtab or the All Employees or All Partners boxes are checked, external users will receive an error when accessing the Suitelet, even if the Available Without Login box is checked. To ensure access for all external users as well as internal users, check the Available Without Login box and the Select All Roles box. Leave all other fields on the Audience tab empty.
Suitelet URL Type |
Deployment Status |
Select All Roles box |
Result |
---|---|---|---|
internal |
Testing |
not checked |
Suitelet deploys successfully |
internal |
Testing |
checked |
Suitelet deploys successfully |
internal |
Released |
not checked |
Error message: You do not have privileges to view this page. |
internal |
Released |
checked |
Suitelet deploys successfully |
external |
Testing |
not checked |
Error message: You are not allowed to go directly to this page. |
external |
Testing |
checked |
Error message: You are not allowed to navigate directly to this page. |
external |
Released |
not checked |
Error message: You do not have privileges to view this page. |
external |
Released |
checked |
Suitelet deploys successfully |