Assigning the SOAP Web Services Permission to a Role
All standard NetSuite roles have SOAP web services permissions by default. For security reasons, you should restrict permissions levels and access allowing only the most restricted permissions necessary to perform a particular set of operations.
For non-standard or custom roles, use these steps to assign the SOAP web services permission to the role.
To assign the SOAP Web Services permission to a role:
-
Go to Setup > Users/Roles > Manage Roles.
-
Locate the role you want to modify. Click Edit or Customize.
-
Click the Setup subtab.
-
In the Permissions dropdown list, select SOAP Web Services.
-
In the Level dropdown list, select Full.
Note:Users with a SOAP Web Services permission level other than Full (View, Create, Edit) cannot log in to SOAP web services. The Full level is required. Also note that the SOAP Web Services permission does not provide access to the SOAP Web Services Usage Log or to integration records; only administrators can access these pages. For details on the SOAP Web Services Usage Log, see Using the SOAP Web Services Usage Log. For details on working with integration records, see SOAP Web Services Security.
-
Click Add.
-
Click Save.
Note also:
-
If you are building an integrated application, it is best to create a new role or customize an existing role and grant the minimum set of permissions that are necessary for the client to carry out its functions. Users should not be assigned administrator privileges for use with SOAP web services.
-
If your role has permission to view credit card data on the user interface, you can also retrieve this information through SOAP web services calls. This is beneficial to integrated applications that use an external credit card processing profile. Based on your role, you may be able to retrieve the credit card on file for your customers.
-
In order for a role to use the getDeleted operation, the role has to have both the Deleted Records and the SOAP Web Services permissions. Note that users who have the Deleted Records permission can access results about any type of record that was deleted, even if they do not have permission to create or modify that record type. They also have permission to use the Deleted Record search type, unless the Web Services Only option has been selected for the role.