1. Account Administration
  2. Authentication
  3. SAML Single Sign-on
  4. Complete Preliminary Steps in NetSuite for SAML SSO
  5. Add SAML Single Sign-on Permissions to Roles

Add SAML Single Sign-on Permissions to Roles

You can customize a standard NetSuite role for use with SAML Single Sign-on (SSO) permissions. You can also add SAML SSO permissions to existing roles assigned to users that require this type of access.

Note:

If a role is already designated as two–factor authentication (2FA) required, and you add the SAML SSO permission to the role, the 2FA requirement will be ignored. The SAML SSO permission takes precedence.

To complete the following procedure, you must be logged in to NetSuite with an Administrator role. If you need more detailed information about creating roles in NetSuite, see Customizing or Creating NetSuite Roles.

To customize roles and add SAML permissions:

  1. Go to Setup > Users/Roles > User Management > Manage Roles.

  2. Choose a role and click Customize.

  3. Create a unique and identifiable name for the role. For example, you could replace the word Customize in the role name with the word SAML.

  4. Click the Permissions tab.

  5. On the Setup subtab, select the appropriate SAML permission from the list, and click Add. There are two SAML permissions. Add one or both permissions to the role as appropriate. See SAML SSO Permissions.

  6. Click Save.

For more information about SAML permissions, see the following:

Related Topics

SAML Single Sign-on
Configure NetSuite with Your Identity Provider
Complete the SAML Setup Page
Update Identity Provider Information in NetSuite
IdP Metadata and SAML Attributes
Interactions with NetSuite Using SAML
SAML SSO in Multiple NetSuite Account Types
NetSuite SAML Certificate References
Remove SAML Access to NetSuite
SAML SSO FAQ

General Notices