You may use the Celigo integrator.io Full Access role w/o 2FA role available in our Celigo integrator.io 20038 bundle to manage your integration application as a reference. This is a locked role and cannot be changed.
If you wish to customize the role or reuse an existing role, you may use the below-listed permissions to configure the custom role used to manage the integration application.
The custom role can be then used to set up a NetSuite connection.
The custom role is not required for all the business users creating or editing the records in NetSuite.
Contents
Permissions
Additional References
Transactions
Permission | Level |
---|---|
Credit Memo |
Edit |
Customer Deposit |
Edit |
Customer Payment |
Edit |
Customer Refund |
Edit |
Find Transaction |
Full |
Fulfill Orders |
View |
Invoice |
Edit |
Item Fulfillment |
Edit |
Opportunity |
Edit |
Estimate |
Edit |
Sales Order |
Full |
Adjust Inventory |
Full |
Cash Sale |
Edit |
Cash Sale Refund |
Edit |
Item Receipt |
Edit |
Return Authorization |
Edit |
Sales Order Approval |
Edit |
Return Auth. Approval |
Edit |
Refund Returns |
Edit |
Reports
Permissions | Level |
---|---|
SuiteAnalytics Workbook |
Edit |
Lists
Permissions | Level |
---|---|
Billing Schedules |
Edit |
Cases |
Edit |
Contact Roles |
View |
Contacts |
Edit |
Currency |
View |
Custom Record Entries |
Full |
Customers |
Edit |
Documents and Files |
Full |
Employee Record |
Edit |
Employees |
Edit |
Items |
Edit |
Locations |
Edit |
Notes Tab |
Edit |
Perform Search |
Full |
Project Tasks |
Full |
Projects |
Edit |
Sales Campaigns |
View |
Subsidiaries |
Full |
Track Messages |
Full |
Bins |
Edit |
Tax Records |
View |
Tax Schedules |
View |
Ship Items |
View |
Setup
Permissions | Level |
---|---|
Access Token Management |
Full |
Accounting Lists |
Edit |
Allow JS / HTML Uploads |
Full |
CRM Lists |
Full |
Custom Fields |
Full |
Custom Lists |
Full |
Custom Record Types |
Full |
Delete Event |
Full |
Set Up Company |
Full |
SuiteApp Marketplace |
Full |
SuiteBundler Audit Trail |
Full |
SuiteScript |
Full |
User Access Tokens |
Full |
Users & Passwords |
Full |
Web Services |
Full |
Accounting Preferences |
View |
Custom Record
Permissions | Level |
---|---|
Celigo SFDC Lookups |
View |
If you’re using the Contract Renewal Module you’ll need to provide the custom-record permissions
Permissions | Level |
---|---|
Contract Item |
Full |
Contract Renewal Preferences |
Full |
Contract |
Full |
Contract Renewal Action |
Full |
Forms
Enable the following forms for a role
- Transaction
- Item
- Custom Record
- Bill of Materials
- Time
- Entity
- CRM
- Other Record
- Inventory Detail
Preferences
Permissions | Level |
---|---|
Global Search Includes Transaction Numbers |
True |
Comments
6 comments
Could you please explain the purpose of this Document? Is it intended to detail the Celigo IO Integration Admin role that comes with Bundle 20038? Is it the permissions I should have in order to install the Integrator App? Is it the set of permissions users should have to work in NetSuite once I have the integrator App installed?
And, what is the purpose of the of the Celigo IO Integration Admin Role that came with Bundle 20038?
FYI, I had to add many permissions to the " Celigo IO Integration Admin Role " in order to align with this document.
More importantly:
Lists: Sales Campaigns does not exist
Lists: Ship Items is actually Shipping Items
Setup: Web Services does not exist (this also ripples to https://docs.celigo.com/hc/en-us/articles/115000389172-Pre-installation-tasks )
Purpose of the document is to list the permissions required in NetSuite to manage the integration application, in case you wish to set up a custom role. You may use Celigo integrator.io Full Access role w/o 2FA role available with bundle 20038 as a reference.
Celigo IO integration Admin is an old role which has basic permissions required for managing integration app. We recommend you to use Celigo integrator.io Full Access role w/o 2FA role because it excludes the 2FA privilege.
Please feel free to ignore Sale Campaigns and Web Services if it is not available in your NetSuite account.
Thank you so much for your response. It is super helpful.
I looked through the permissions in the 'Celigo integrator.io Full Access w/o 2FA’ role.
It appears that the ‘Celigo integrator.io Full Access w/o 2FA’ role is missing (according to the list above):
^Lists-> ‘Billing Schedules’, ‘Subsidiaries’, ‘Tax Schedules’
^Setup-> ‘Access Token Management’,
-> 'Custom Fields' and 'Custom Lists' were only enabled for View, not Full
^Custom Record -> Celigo SFDC Lookups
Are these not important, or should I add them?
'Subsidiaries' and 'Tax Schedules' are important for Salesforce-NetSuite IA.
'Billing Schedule' is usually not required.
We recommend 'Custom Fields' and 'Custom Lists' to be changed to Full.
Our recommendation is to use ‘Celigo integrator.io Full Access w/o 2FA’ role as a base, and add all available permissions in this article to ensure no issues in your setup.
Some of these field permissions depend on your requirements, i.e. it depends on what you use or do not use in NetSuite. The above list is exhaustive, it assumes you are using all features.
On the other hand, ‘Celigo integrator.io Full Access w/o 2FA’ role encompasses the mandatory permissions required across all Celigo integrations.
You claim ‘Celigo integrator.io Full Access w/o 2FA’ role encompasses the mandatory permissions required across all Celigo integrations. This was, and still is, false. I just got an error due to the newly missing "Currency" permission when I refreshed the Currencies in the General configuration of IA (My connector uses a clone of this role via the access Token).
I have Celigo Salesforce Connector [IO] 1.6.0
and Celigo integrator.io 20038 v 1.15.0.0
It been 6 months and Celigo Still has not fixed this in the ‘Celigo integrator.io Full Access w/o 2FA’ role you provide, yet instead it has gotten worse. The following permissions are listed as necessary in this document, but are not in the role:
^Lists-> ‘Billing Schedules’, ‘Subsidiaries’, ‘Tax Schedules’, NEWLY MISSING PERMISSION: 'Currency'
^Setup-> ‘Access Token Management’, NEWLY MISSING PERMISSION: 'User Access Tokens'
-> 'Custom Fields' and 'Custom Lists' were only enabled for View, not Full (this document recommends FULL, but the role only has "View")
It is very tedious to have to go through and verify every one of these permissions.
Celigo Team: please correct me if I'm wrong, but it seems that Publish Search is needed in Lists section, with at least Edit access. Otherwise when integrator.io changes locked Saved Searches created by the SuiteApp, it will change them to be Private and eventually won't be able to access them afterwards. This may happen, for example, when you're enabling Test Mode - it modifies saved searches with additional criteria and makes them private, which then causes an error stating that Saved Search does not exist.
UPD: I now see that the locked role from the bundle has this permission as well as a few others not mentioned in this article.
Please sign in to leave a comment.