Token-based Authentication (TBA) for Users
For users without a role that has the User Access Token permission, an administrator can create, assign, and manage access tokens.
Users also have the following options to obtain their own access tokens:
-
Users assigned a role that has the User Access Token permission can create, assign, and manage tokens for the current user and current role. For more information, see User Access Token – Create a TBA Token
-
An integration developer creates an application that requests user credentials and gives the user an access token. For more information, see The IssueToken Endpoint.
-
An integration developer creates an application that uses the TBA authorization flow. At the end of the flow, user gets an access token. For more information, see The Three-Step TBA Authorization Flow.
Tokens created using the Token-based Authentication feature in your NetSuite production account are not copied to your Release Preview or to your sandbox accounts. To test this feature in Release Preview or in a sandbox, you must create new tokens in that account. Each time the sandbox is refreshed, you must create new tokens in the sandbox.