NetSuite Admins will be required to create a NetSuite Token & Secret for each licensed user unless the users have NetSuite permissions to create their own tokens.
Prerequisites for TBA
- Token Based Authentication is enabled in your NetSuite account -- Setup > Company > Setup Tasks > Enable Features > SuiteCloud > Manage AuthenticationMake sure “Token Based Authentication” is checked.
- A CloudExtend G Suite for NetSuite subscription
- For use with CloudExtend Apps, users must have web services permissions enabled for their role.
Enable Token Based Authentication
NetSuite Administrators need to ensure that the company account has Token Based Authentication enabled. If this feature is not enabled, you will not see the permissions required in the next step.
- Setup > Company > Setup Tasks > Enable Features > SuiteCloud > Manage Authentication
- Make sure “Token Based Authentication” is enabled
Steps to Setup TBA access
Step 1: Add TBA permissions to the desired roles (or create new roles)
Decide if you will allow users to create their own tokens or if a user (such as Admin) will create tokens for the users.
For the role that will be ‘creating’ tokens (ie Admin or the user as decided above) be sure that the permission ‘User Access Tokens’ has been enabled.
For the role that will be using the tokens to sign in (typically a user) be sure that the permission ‘Log in using Access Tokens’ has been enabled.
Step 2: Create Access Tokens
Determine how to create your tokens, ie are you an Admin or end user creating tokens for yourself or are you an Admin creating tokens to distribute to end users.
Admin OR end user creating a token for yourself?
You must create your token from the home page (scroll to bottom left and you will see 'Manage Access Tokens' under settings. Then follow the instructions below starting at 'Select New Access Token'. Note, in order for end users to grant tokens for themselves they must be granted the 'User Access Tokens' permissions for their role.
Admin creating tokens for distribution to other users?
Use global search for page: tokens or navigate to Setup->Users/Roles->Access Tokens. Then follow the instructions below starting at 'Select New Access Token'.
- Select New Access Token
- Select the application (Celigo CloudExtend for Google Apps) the desired role, and accept the default name for the token name or supply your own then press save.
- IMPORTANT - Save the token ID and token secret on the next screen to a secure location as these need to be shared with each licensed user to be entered into the app and subsequently login.
Step 3: End user login to CloudExtend via tokens
When prompted to login users should select 'Token Based' (1)
Last, enter your token ID (1) and secret (2)