OpenID Connect (OIDC) Access to Web Store

OpenID Connect (OIDC) can be used as an alternative to SAML Single Sign-on. With OIDC, users have autonomy over security administration, because an OpenID Connect provider (OP) manages security administration. OIDC access is supported for Commerce web stores.

Important:

Before you attempt to set up OIDC access to your web store, read and understand the complete documentation for using OIDC in NetSuite. See OpenID Connect (OIDC) Single Sign-on.

You can use any certified OpenID Connect provider (OP). To find a certified OP vendor, go to https://openid.net/certification. You can use the same OP vendor for both web site access and NetSuite application access, or you can use a different OP for each purpose.

The following restrictions apply to the use of OIDC for Commerce websites:

Important:

The OIDC configuration is not shared between the NetSuite application and Commerce websites. An Administrator must configure OIDC on the SSO tab of the website’s setup page. Website users must be assigned a role with the OpenID Connect (OIDC) Single Sign-on permission to log in to the website successfully.

Before you begin, make sure that the OpenID Connect (OIDC) feature is enabled in your NetSuite account. Go to Setup > Company > Enable Features. On the SuiteCloud tab, in the Manage Authentication section, check the OpenID Connect OIDC Single Sign-on box. See Enable the OpenID Connect (OIDC) Single Sign-on Feature in NetSuite for more information.

To set up OIDC for a web store, go to the Set Up Web Site page, on the SSO tab, and click the OIDC Provider Configuration subtab. Most fields on this subtab are the same as those on the OpenID Connect (OIDC) Setup page for the NetSuite application. For more information, see Configure OpenID Connect (OIDC) in NetSuite.

You can set up OIDC for different web stores by completing the OIDC Provider Configuration subtab of the Set Up Web Site page for each web store. You can use the same OP vendor for multiple web sites. You also have the option of defining different OP vendors for each web site if needed.

On the OIDC Provider Configuration subtab, you must configure the following:

  1. Client ID and Client Secret – enter values you obtained from your OP. See Register NetSuite with Your OpenID Connect Provider for more information.

  2. Choose either Set Configuration From URL or Set Configuration Manually. In both fields, enter values you obtained from your OP. See Register NetSuite with Your OpenID Connect Provider for more information.

  3. Click Save.

Note:

OpenID Connect provider–initiated (OP) flow, is not supported.

Related Topics

SAML Single Sign-on Access to Web Store
OpenID Connect (OIDC) Access to Web Store
Outbound Single Sign-on (SuiteSignOn) Access from Your Web Store
Single Sign-on Integration with External Websites

General Notices