Token-based Authentication and Web Services

SuiteTalk (web services) supports the Token-based Authentication (TBA) feature.

Token-based authentication removes the problems associated with password expiration from SOAP web services authentication. Client applications can access web services using a token, significantly reducing the risk of compromising user credentials. For more information, see Integration Management.


Tokens created using the Token-based Authentication feature in your NetSuite production account are not copied to your Release Preview or to your sandbox accounts. To test this feature in Release Preview or in a sandbox, you must create new tokens in that account. Each time the sandbox is refreshed, you must create new tokens in the sandbox.

For guidance on adapting an integration to include TBA credentials and to see an example that includes code samples and SOAP headers, see Token-Based Authentication Details.

TBA uses the TokenPassport complex type to send credentials. The TokenPassport references the TokenPassportSignature complex type, another important element in the token-based authentication process. See TokenPassport Complex Type.

For more information about using token-based authentication with web services, see the following topics:

Related Topics

Token-based Authentication (TBA)
Token-based Authentication (TBA) Tasks for Administrators
Token-based Authentication (TBA) for Integration Application Developers
Troubleshoot Token-based Authentication (TBA)
Token-based Authentication and RESTlets
Token-based Authentication and SuiteAnalytics Connect

General Notices