Before You Begin

1) As a NetSuite Administrator, before you begin implementing the steps mentioned in this article, verify if you have already enabled Token-based authentication (TBA) in your Netsuite account.

To verify, go to Setup > Company > Enable Features; then click the SuiteCloud subtab. Here, scroll down to the Manage Authentication section and check if the TOKEN-BASED AUTHENTICATION checkbox is selected. If not selected, then select the checkbox to enable Token-based authentication.

Note: If you are using the Salesforce-NetSuite (IO) Integration App, for more information refer to NetSuite Connection | Token-Based Authentication for NetSuite User.

2) In NetSuite, go to Setup > Users/Roles > Manage Roles; then click Customize corresponding to the Celigo Salesforce Connector TBA Enabled Role role and save the role (clone) with a different name.

Note: "Celigo Salesforce Connector TBA Enabled Role" is a locked custom Celigo role. When cloning the role, you can add additional permissions to the role to fit your requirements. This role is a part of the Celigo Salesforce Integration App version 2.8.0 and above.

3) To the custom role, add Additional permissions for the contract renewal module and SuiteBilling.

Implement Token-Based Authentication for NetSuite User

As a NetSuite administrator, to implement Token-based authentication for a NetSuite user:

1. Assign Role to the NetSuite user.
2. Create an Integration Application (Salesforce Connector) in NetSuite
3. Create Access token values for Integration Application (Salesforce Connector). This token will be used to update the already established NetSuite connection (from Basic Authentication to Token-based Authentication) in your Salesforce Connector that you created in Step 2.
4. Create Access token values for integrator.io. This token will be used to update the already established NetSuite connection (from Basic Authentication to Token-based Authentication) in integrator.io.
5. Update NetSuite connection using the Settings icon of the integration tile using the tokens created in Step 3. This connection gets updated (from Basic to TBA) for use with the Integration Application (Salesforce Connector) you created in Step 2.
6. Update NetSuite connection using the integrator.io menu > Connections using the tokens created in Step 4. This connection gets updated (from Basic to TBA) for use with integrator.io. This update will pull all your legacy integrations on integrator.io. Tip: Search for the NetSuite connection that has the Link SuiteScript Integrator checkbox selected.

Assign Role to NetSuite User

As a NetSuite administrator:

1. Navigate to Setup > Users/Roles > Manage Users.

2. On the Manage Users page, click on the username for whom you want to implement the Token-based authentication. The Employee page appears.

3. Click Edit.

4. On the Employee page, go to  Access > Roles.

5. Add the "Celigo Salesforce Connector TBA Enabled Role" role.

6. Click Save. The confirmation message appears.

Note: "Celigo Salesforce Connector TBA Enabled Role" is a locked custom Celigo role. When cloning the role, you can add additional permissions to the role to fit your requirements. This role  Salesforce — NetSuite Integration App version 2.8.0 and above.

Create an Integration Application in NetSuite

As a NetSuite administrator:

1. Go to Setup > Integration > Manage Integrations > New.
2. Give the Integration a name (for example, "Salesforce Connector").  
3. Make sure the State is set as “Enabled” and check the box under the Authentication Subtab next to “TOKEN-BASED AUTHENTICATION”.  
4. Click “Save”.
5. Upon Save, you will be taken to a confirmation page that displays your “CONSUMER KEY” and “CONSUMER SECRET”.  

Note: CONSUMER KEY and CONSUMER Secret are only displayed once for security purposes and cannot be retrieved again. We recommended that you save them in a password manager application, such as LastPass or store them on your desktop. This way you can reference them later if required.

Create Access Tokens for Integration Application

As a NetSuite administrator, to create tokens for IO:

1. Go to Setup > Users/Roles > Access Tokens.

2. On the Access Token page, click New Access Token. The Access Token page appears.

3. (IMPORTANT) From the APPLICATION NAME drop-down list box, choose the Integration Application name (Salesforce Connector) that you created in NetSuite.

4. From the USER drop-down list box, click List. The user to which you assigned the Roles appears in the Search list.

5. From the ROLE drop-down list box, select the custom role you created. The TOKEN NAME populates automatically.

6. Click Save. 

7. Upon save, NetSuite will display the Token Id & Token Secret that you will be required to input in the integrator.io.

Note: Token Id and Token Secret are only displayed once & cannot be retrieved again. We recommended that you save them in a password manager application, such as LastPass or store them on your desktop. This way you can reference them later if required.

Create Access Tokens for integrator.io

As a NetSuite administrator, to create tokens for IO:

1. Go to Setup > Users/Roles > Access Tokens.

2. On the Access Token page, click New Access Token. The Access Token page appears.

3. (IMPORTANT) From the APPLICATION NAME drop-down list box, select Integrator.io (Token-based Auth).

4. From the USER drop-down list box, click List.

The user to which you assigned the Roles appears in the Search list.

Note: Make sure you have selected the correct Application Name as mentioned in Step 3 above.

5. From the ROLE drop-down list box, select the custom role that you created. The TOKEN NAME populates automatically.

6. Click Save. 

7. Upon save, NetSuite will display the Token Id & Token Secret that you will be required to input in the integrator.io. See next section.

Note: Token Id and Token Secret are only displayed once & cannot be retrieved again. We recommended that you save them in a password manager application, such as LastPass or store them on your desktop. This way you can reference them later if required.

Integration Application (Salesforce-NetSuite Integration App | Update NetSuite Connection with Access Tokens

As a NetSuite administrator or a NetSuite user, who has already received the required Roles/Permissions from the NetSuite administrator, you can update an existing NetSuite connection using Tokens in IO for your Integration App:

1. Login to your integrator.io account.

2. Click the Settings icon of your Salesforce - NetSuite Integration App tile. On the Settings page, in the left pane, click Connections.

3. Click the Pencil icon of the NetSuite connection you wish to change from Basic authentication to Token-based Authentication.

4. From the Authentication Type drop-down list box, select Token.

5. In the Connection window, enter appropriate details in the text boxes that appear and use the above created Consumer Key, Consumer Secret, Token Id and Token Secret. These are the details that you get when you create the Integration Application and when you create access tokens for the Integration Application.

6. Click the Test button. If you have performed the above steps correctly, the Connection is working fine! message should appear.

7. Click the Save button.

integrator.io | Update NetSuite Connection with Access Tokens

As a NetSuite administrator or a NetSuite user, who has already received the required Roles/Permissions from the NetSuite administrator, you can update an existing NetSuite connection using Tokens in IO:

1. Login to your integrator.io account.

2. Click the integrator.io Menu > Connections.

3. Click the Pencil icon of the NetSuite connection you wish to change from Basic authentication to Token-based Authentication.

Tip: Search for the NetSuite connection that has the Link SuiteScript Integrator checkbox selected.

4. From the Authentication Type drop-down list box, select Token.

5. In the Connection window, enter appropriate details in the text boxes that appear and use the created access tokens for integrator.io in Token Id and Token Secret. For more information, refer to Establish Connections in integrator.io and Field Reference Guide.

6. Click the Test button. If you have performed the above steps correctly, the Connection is working fine! message should appear.

7. Click the Save button.