Prerequisites for the Token-Based Authentication Security Policy
If you want to use the token-based authentication (TBA) security policy with the Oracle NetSuite Adapter, you must fulfill the prerequisites specific to this security policy in addition to the general prerequisites.
- Consumer Key / Client ID: The key/ID associated with the integration record created for Oracle Integration.
- Consumer Secret / Client Secret: The secret associated with the integration record created for Oracle Integration.
- Token: The token ID associated with the access token created for the Oracle Integration's user account, role, and integration record.
- Token secret: The token secret associated with the access token created for the Oracle Integration's user account, role, and integration record.
- Account ID: Your Oracle NetSuite account ID.
Note:
To perform the TBA-related configuration tasks listed in this section, you must first enable the TBA feature in your Oracle NetSuite account. See Register with Oracle NetSuite and Enable Features.Create a Role with Token-Based Authentication Permissions
Create a new role and assign TBA permissions along with other necessary permissions (specific to your integration) to it. You'll assign the Oracle Integration user account—which you'll subsequently create—to this role.
Note:
As a best practice, avoid using the Administrator and Full Access roles/users in Oracle NetSuite connections that use the TBA security policy.To create a new role:
- On the NetSuite home page, select Setup, then User/Roles, then Manage Roles, and then New.
- On the Role page:
Create a User Account for Oracle Integration
Create a user account for Oracle Integration and assign this account to the TBA role you created previously. You'll use the credentials associated with this user account to connect to NetSuite from Oracle Integration.
If you have already created a user account for Oracle Integration, you can assign the existing account to the new TBA role. See Assign an Existing User Account to a Role. This way, you don't have to consume another open user-account license.
If you require to create a new user and assign it to the TBA role, follow the procedure provided here:
- On the NetSuite home page, select Lists, then Employees, then Employees, and then New.
- On the Employee page:
Note:
To assign an existing Oracle Integration user account to the new role:- From the NetSuite home page, navigate to the Employees page: Lists, then Employees, and then Employees.
- Click Edit next to the name of the Oracle Integration user account.
- On the account's page, scroll down and click the Access tab.
- With the Roles subtab selected, select the role created previously from the ROLE drop-down field; for example,
Oracle Integration Role
. - Click Add, and then click Save.
Create an Integration Record for Oracle Integration
Before you can create and assign API tokens (for TBA) to a user account, you must create an integration record for the application that will use this user account to access NetSuite.
Create an integration record for the Oracle Integration application.
Note:
If you have already created a TBA-enabled integration record for Oracle Integration, you can skip this section. Reuse the existing record to generate new access tokens. This way, you don't have to maintain multiple integration records and associated consumer keys and secrets for the same application.Create an Access Token for the User Account
Create and assign an access token to the Oracle Integration user account.
Make a Note of the NetSuite Account ID
Along with other credentials, you'll require the NetSuite Account ID to connect to NetSuite from Oracle Integration.
- On the NetSuite home page, select Setup, then Integration, and then SOAP Web Services Preferences.
- Note down the Account ID displayed at the top of the page.
- Click Cancel to exit the page.