NetSuite Token Based Authentication (TBA)

When integrating with NetSuite’s RESTful API, you can use OAuth2 or Token Based Authentication.

OAuth2 is the modern approach that most people will be familiar with. When you 'Login with Google' (or Facebook etc.) and use your Google Account to authenticate with another system, that is OAuth2. Basically, you are saying to Google: 'Let this other system use my data'. OAuth2 follows the flow of opening a Login Screen on the Authentication platform (e.g. Google, or in this case NetSuite) and confirming that you wish to share data with the website that is requesting it. OAuth2 is very user friendly and is the prevalent method for connecting your business applications. We will cover this process with NetSuite in another post.

Another approach is Token Based Authentication (TBA). This approach requires the NetSuite Administrator to set up a couple of things within NetSuite and share token IDs with the external service provider. When calling the NetSuite API, you can use TBA so long as the request contains the following parameters in the security header:

  1. Company ID – this is the account ID that appears in your NetSuite URLs
  2. Consumer Key – this is the Integration you need to set up on NetSuite
  3. Consumer Secret
  4. Token ID – this is the token you will set up on NetSuite
  5. Token Secret

Setting up Token Based Authentication on NetSuite requires the following steps. Note that you should be logged in to NetSuite as the user you wish to connect via the API, which is usually a user with high privileges to access all data:

> 1. Enable TBA

On NetSuite go to Setup > Company > Enable Features

Scroll down to find Authentication and check the Token Based Authentication box.

> 2. Create a new Integration

On NetSuite, go to Setup > Integrations > Manage Integrations > New

Give the Integration a name. Ensure that TBA is checked. You can uncheck other options.

Click Save. You will see the screen below. Note that the Client Credentials are only shown once. You MUST copy them and store them securely. Once you leave this screen you will never be able to see the Consumer Key and Secret again. We recommend using a password vault like Keeper Security to store such things.

> 3. Create a Token

On your home screen dashboard, scroll down to Settings. Your user should have a role that is granted the User Access Token permission, in which case you will see Manage Access Tokens inside the Settings card.

Click on Manage Access Tokens and create a new Token. Use the new Integration you just created in Step 2 above as the Application Name in the drop-down box.

Click on Save. As in Step 2, you must take note of the Token values immediately, because once you leave this screen you cannot see them again.

Copy the two values (Token ID and Token Secret) to a secure location.

At this point you now have the 5 pieces of security information you need to make an API call using TBA.
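As an added example (not code from this post or from NetSuite), the sketch below shows how the five values can be combined into the security header, assuming the OAuth 1.0-style `Authorization` header with HMAC-SHA256 signing that NetSuite TBA requests use. The helper name, the environment variable names and the REST URL are constructed for illustration.

```python
import base64
import hashlib
import hmac
import os
import secrets
import time
from urllib.parse import parse_qsl, quote, urlsplit


def _enc(value):
    # OAuth 1.0 percent-encoding: only RFC 3986 unreserved characters stay literal.
    return quote(str(value), safe="-._~")


def tba_authorization_header(method, url, account_id, consumer_key, consumer_secret,
                             token_id, token_secret, nonce=None, timestamp=None):
    """Build the Authorization header value for one request (hypothetical helper)."""
    oauth = {
        "oauth_consumer_key": consumer_key,
        "oauth_token": token_id,
        "oauth_signature_method": "HMAC-SHA256",
        "oauth_timestamp": str(timestamp if timestamp is not None else int(time.time())),
        "oauth_nonce": nonce or secrets.token_hex(16),  # fresh random value per request
        "oauth_version": "1.0",
    }
    parts = urlsplit(url)
    base_url = f"{parts.scheme}://{parts.netloc.lower()}{parts.path}"
    # Query-string parameters are signed together with the oauth_* parameters.
    params = list(oauth.items()) + parse_qsl(parts.query, keep_blank_values=True)
    pairs = sorted((_enc(k), _enc(v)) for k, v in params)
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    base_string = "&".join([method.upper(), _enc(base_url), _enc(normalized)])
    # The two secrets form the HMAC key and never appear in the request itself.
    key = f"{_enc(consumer_secret)}&{_enc(token_secret)}".encode()
    digest = hmac.new(key, base_string.encode(), hashlib.sha256).digest()
    oauth["oauth_signature"] = base64.b64encode(digest).decode()
    fields = [f'realm="{_enc(account_id)}"']  # Company ID travels as the realm
    fields += [f'{k}="{_enc(v)}"' for k, v in oauth.items()]
    return "OAuth " + ", ".join(fields)


if __name__ == "__main__":
    # Constructed variable names and URL; load the five values from your vault or
    # environment rather than hard-coding them in source.
    env = os.environ
    url = (f"https://{env['NS_ACCOUNT_ID']}.suitetalk.api.netsuite.com"
           "/services/rest/record/v1/customer?limit=5")
    print(tba_authorization_header("GET", url, env["NS_ACCOUNT_ID"], env["NS_CONSUMER_KEY"],
                                   env["NS_CONSUMER_SECRET"], env["NS_TOKEN_ID"],
                                   env["NS_TOKEN_SECRET"]))
```

Only the Consumer Key and Token ID are transmitted; the Consumer Secret and Token Secret are used solely to compute the signature, which is why they must stay in the vault.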

If you are setting up TBA access on your Uniformity account, these are the pieces of information you will need.

We are always available to our customers to assist in this process.