2 MIN READ

Learn how to configure the Token-based Authentication and Two-Factor Authentication in your NetSuite ERP system.

NetSuite supports token-based authentication (TBA) a robust, industry standard-based mechanism that increases overall system security. This authentication mechanism enables client applications to use a token to access NetSuite through APIs, eliminating the need for RESTlets or web services integrations to store user credentials.

Token-Based Authentication & Two-Factor Authentication in NetSuite

The TBA feature was built for integrations. Out of all the inbound single sign-on features available in NetSuite, TBA is the only mechanism mature enough to use with SuiteTalk (web services) and RESTlets. In your integrations, you might need to use certain functions that require an Administrator role. Two–Factor Authentication (2FA) for Administrator roles will be enforced for all existing accounts in 2018.2. In past releases, you could not use TBA tokens for integrations that required an Administrator role. The 2018.1 release introduced support for TBA for Administrators. Using an Administrator role with a TBA token ensures your integrations will continue to work after the upgrade to 2018.2. We recommend that you transition integrations that require an Administrator role to use TBA rather than user credentials.

Download the full guide here:

Read the guide


Our complete guide to NetSuite Token-Based Authentication and Two-Factor Authentication covers the following areas:

  • How to enable Token-Based Authentication (TBA) in NetSuite
  • How to set up Token-Based Authentication roles
  • How to assign users to TBA roles
  • How to manage Two-Factor Authentication (2FA) 
  • 2FA by Phone and 2FA Authenticator Application
  • How to designate 2FA roles
  • How to set up TBA for RESTlet integration
  • Authentication for RESTlets
  • Using OAuth in the Authorization Header
  • Creating applications for Token-Based Authentication
  • Access Token Management (creating and assigning a TBA token)
  • Viewing, editing, creating, and revoking TBA tokens

New call-to-action

Check out our other NetSuite blogs for how-to guides and tips.


Subscribe to updates