Custom Field Security

Custom field security can be applied on a per-field basis. If field security has been applied to a field in the UI, the custom field schema will include the field level security metadata. Consequently, users should be aware that the permissions they specify on custom fields will apply to any existing integration that is in place using endpoints 2008_1 and older. Certain field permissions such as NONE and VIEW might break the integration in an unintended way.


See Restricting Access to Custom Fields for details on this feature.

If the custom field security feature is turned on, SOAP web services will respect the access level set on each field. For example, if you have set a field permission to NONE, and you have code that references the field, you will not be able to read or write to that field in your code. NetSuite SOAP web services will essentially ignore that field when the SOAP request is sent. Similarly, if a field permission has been set to VIEW, you will be able to read the field's value, but you will be unable to set the field's value.

SOAP web services developers should keep custom field security in mind when designing their integrations. Before beginning a project, they should work with their company's NetSuite administrator to review which fields may have custom security applied.

Related Topics

SuiteTalk SOAP Web Services Platform Overview
SOAP Web Services Security
Authentication for SOAP Web Services
Authorization for SOAP Web Services
Session Management for SOAP Web Services
Encryption for SOAP Web Services

General Notices