Configure NetSuite as OIDC Provider

Users logged in with a role that has the OIDC Provider Setup permission can configure the audience for NetSuite as OIDC Provider applications, and can deactivate or reactivate them.

To configure the audience for authorized applications:

  1. Go to Setup > Integration > Manage Authentication > NetSuite as OIDC Provider Setup.

  2. Click the link in the Integration Name column.

  3. In the window, select the Entities and Roles you want to enable for this application. You can select all by checking the Select All box.


    The Select All box selects all current and future Entities and Roles.

    To move the selected Entities or Roles to the right column, click the upper arrow between the columns.

    To clear Entities or Roles, check the box next to their name and click the bottom arrow between the columns.

    You can choose both Entities and Roles at the same time.

    Both entity and role must be enabled for a user to successfully use the NetSuite as OIDC Provider feature.


    In the window, you can also deactivate the application. To do so, check the Inactive box.

  4. Click Save.


If you plan on using the NetSuite as OIDC Provider feature for your SuiteCommerce Advanced store, ensure the store is hosted on a single domain and is password protected. This rule does not apply to SuiteCommerce stores.

Using NetSuite Well-known URI Metadata to configure the Relying Party (RP)

You can find the OIDC configuration metadata on the NetSuite as OIDC Provider Setup page. The metadata file is accessible through the Metadata URL link at the top of the page. The metadata file is specific to each account and contains all data needed to complete the setup of the relying party (RP). It is not possible to provide detailed instructions for configuring the relying party, as the configuration steps will vary.

The format of the Metadata URL is:


where <accountID> represents your NetSuite account ID.
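
Before copying values from the metadata file into the relying party, it helps to check the document itself. The following Python sketch is an added example, not NetSuite code: it checks a downloaded metadata document against the fields that OpenID Connect Discovery 1.0 marks as required and extracts the settings an RP typically needs. The sample document, its host names, and the function name check_metadata are constructed placeholders.

```python
import json
from urllib.parse import urlsplit

# Fields that OpenID Connect Discovery 1.0 marks REQUIRED in provider metadata.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")
ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri",
             "userinfo_endpoint")

# Constructed sample: hosts and values are placeholders, not real NetSuite metadata.
SAMPLE_METADATA = json.dumps({
    "issuer": "https://idp.example.invalid",
    "authorization_endpoint": "https://idp.example.invalid/authorize",
    "token_endpoint": "https://idp.example.invalid/token",
    "jwks_uri": "https://idp.example.invalid/keys",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
})

def check_metadata(raw, expected_issuer):
    """Return (rp_settings, problems) for a downloaded metadata document."""
    meta = json.loads(raw)
    problems = [f"missing required field: {k}" for k in REQUIRED if k not in meta]
    # The issuer pinned in the RP must match the document exactly; ID tokens
    # are later validated against this same string.
    if meta.get("issuer") != expected_issuer:
        problems.append("issuer does not match the expected value")
    # Every endpoint the RP will call or redirect to must be an https URL.
    for key in ENDPOINTS:
        url = meta.get(key)
        if url is not None:
            parts = urlsplit(url)
            if parts.scheme != "https" or not parts.hostname:
                problems.append(f"{key} is not an https URL")
    # Never configure the RP to accept unsigned ID tokens.
    algs = meta.get("id_token_signing_alg_values_supported", [])
    accepted = [a for a in algs if a != "none"]
    if not accepted:
        problems.append("no signed ID token algorithm offered")
    settings = {
        "issuer": meta.get("issuer"),
        "authorization_endpoint": meta.get("authorization_endpoint"),
        "token_endpoint": meta.get("token_endpoint"),
        "jwks_uri": meta.get("jwks_uri"),
        "id_token_algs": accepted,
    }
    return settings, problems
```

Configure the relying party only when the returned problems list is empty, and pin the issuer value for your account in the RP instead of re-reading it on every login.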
