1. Account Administration
  2. Account Setup
  3. NetSuite Company Settings
  4. Manage AI in NetSuite
  5. Manage AI Preferences
  6. Configure OCI Credentials for AI

Configure OCI Credentials for AI

If your company needs more than the free monthly usage allocations for generative AI features in NetSuite, you can configure NetSuite to use your own Oracle Cloud account with OCI Generative AI Service. After you configure your account-level OCI credentials, you can enable their use by Text Enhance, Prompt Studio, and the SuiteScript Generative AI APIs (N/llm module).

When using the unlimited use model through your company’s own Oracle Cloud account, your company pays for use of the Oracle Generative AI service. For more information, refer to the Calculating Cost in Generative AI section and the Billing and Cost Management section of the Oracle Cloud Infrastructure Documentation.

See the following sections to manage your company's OCI configuration for generative AI features:

Before You Begin

If your company would like to use this option and does not yet have an Oracle Cloud account, refer to the Get an Oracle Cloud Account topic and the OCI Generative AI service topic Getting Access Using Policies in the Oracle Cloud Infrastructure Documentation.

After you have an Oracle Cloud account, add the OCI Generative AI Service. For instructions, refer to Getting Access to Generative AI and see the "Access to Generative AI Playground, Custom Models, Dedicated AI Clusters, and Endpoints" section for the policy to add.

Get the OCI configuration details from your Oracle Cloud account.

Note:

Refer to the Oracle Cloud Infrastructure Documentation for the linked topics in the following list.

The necessary configuration details are:

  • User OCID: For more information, refer to Managing Users.

  • Compartment OCID: For more information, refer to Managing Compartments.

  • Tenancy OCID: For more information, refer to Managing the Tenancy.

  • Fingerprint: The OCI fingerprint of the public key. For more information about the OCI fingerprint, refer to Required Keys and OCIDs.

  • Private Key: The private key of the OCI user in a file in PEM format (for example, oci_api_key.pem). For more information about the private key of the OCI user, refer to Required Keys and OCIDs.

  • Endpoint ID: Only needed if you have set up a dedicated AI cluster through Oracle Cloud. For more information, refer to Hosting an Endpoint in Generative AI.

Enable and Configure OCI Credentials for AI in NetSuite

Use the OCI configuration details from your Oracle Cloud account, described in the Before You Begin section, to complete the fields in this section.

To enable and configure OCI credentials:

  1. Go to Setup > Company > AI > AI Preferences.

  2. On the Settings subtab of the AI Preferences page, check the Use OCI Configuration to Get Unlimited Usage box.

    When you check the box to use the OCI configuration, the OCI configuration fields are shown.

  3. Fill in the following fields using the values from your Oracle Cloud account:

    • User OCID

    • Compartment OCID

    • Tenancy OCID

  4. Next, you must create NetSuite API secrets for the OCI fingerprint and OCI private key. Storing the OCI fingerprint and OCI private key as API secrets enhances security when using these OCI credentials in NetSuite.

    1. Click Create your API secrets here. The API Secrets page is shown in a new browser tab.

    2. Click Create New. The Create New Secret dialog is displayed. Create the API secret for the OCI fingerprint as described below, and click Save.

      When you create the API secret for the OCI fingerprint, complete the fields as follows.

      • On the Details tab:

        • For the ID, ensure that it starts with an underscore, because the system adds a prefix custsecret when you save. For example, if you enter _oci_config_fingerprint, then the ID will be custsecret_oci_config_fingerprint after you save.

        • Enter the OCI public key fingerprint value into the Password and Confirm Password fields.

        Create New Secrets dialog, Details tab, completed for the OCI fingerprint as described in the procedure.

      • On the Restrictions tab, use the following settings so that the API secret is usable by any of the generative AI features managed from the AI Preferences page:

        • Check the Allow for All Scripts box.

        • Enter _none_ in the Restrict to Domains field.

        Create New Secrets dialog, Restrictions tab, completed for the OCI fingerprint as described in the procedure.

    3. To create the API secret for the OCI private key, click Create New again. The Create New Secret dialog is displayed. Complete the fields as described below, and click Save.

      • On the Details tab, complete the fields similarly to those for the fingerprint, but upload the private key file instead of entering values in the Password and Confirm Password fields.

      • Use the same settings for the fields on the Restrictions tab.

      Create New Secrets dialog, Details tab, completed for the OCI private key as described in the procedure.

    After you have created the API secrets, they are displayed on the API Secrets page.

    API Secrets management page showing example secrets created for the OCI fingerprint and OCI private key.

  5. Return to the AI Preferences page and enter the IDs of the API secrets in the API Secret for Fingerprint and API Secret for Private Key fields.

  6. Click Save.

  7. Next, configure the generative AI features to use the OCI credentials. Each feature with a subtab on the AI Preferences page has an option for enabling the feature to use the OCI credentials. You can choose to have some, all, or none of the generative AI features use the OCI credentials.

    For example, to use the OCI configuration settings for Text Enhance, click the Text Enhance subtab on the AI Preferences page, check the Use OCI Credentials for Text Enhance box, and click Save.

    For each feature configured to use OCI credentials, NetSuite stops using the limited, free usage mode. NetSuite starts using the paid, unlimited usage mode through your Oracle Cloud account with the Oracle Generative AI Service.

    For more information, see the following topics:

  8. For each feature configured to use OCI credentials, test the new configuration.

    For example, if you have set Text Enhance to use OCI credentials: Go to a page that has a field with Text Enhance enabled and perform a valid action. For more information, see Text Enhance.

    • If the configuration was correct, the Text Enhance action completes successfully, and your current month's free usage count should remain the same.

    • If the configuration was not correct, a Task Unavailable error is displayed. Verify the following items:

      • On the AI Preferences page, Settings tab, do the OCI configuration parameters contain the correct values for your Oracle Cloud account?

      • On the AI Preferences page, Settings tab, were the NetSuite API Secret IDs entered correctly, and do they match the secret IDs and not the secret names as shown on the API Secrets page?

      • On the API Secrets page, were the OCI fingerprint and OCI private key secrets created correctly?

Disable OCI Credentials for AI in NetSuite

You can disable OCI use for all NetSuite generative AI features managed from the AI Preferences page. This action overrides all Use OCI credentials settings on the features' subtabs.

To disable OCI credentials:

  1. Go to Setup > Company > AI > AI Preferences.

  2. From the Settings subtab on the AI Preferences page, clear the Use OCI Configuration to Get Unlimited Usage box.

    Note:

    The OCI configuration fields are hidden on the Settings subtab, but they are not deleted. If you check the Use OCI Configuration to Get Unlimited Usage box, the fields are revealed and the last values saved are still present. If you want to remove the OCI credentials completely, you must clear each field individually, and then disable the OCI credentials.

  3. Click Save.

    • NetSuite resumes using the free, limited usage mode for all generative AI features that are managed from the AI Preferences page, regardless of the feature's setting. The monthly free usage limits and used quantities will be shown in the usage tables on each feature's subtab.

    • When the OCI credentials are disabled, the Use OCI credentials settings cannot be changed at the feature level. The selections made on the feature subtabs are still displayed, but they are overridden by the OCI configuration being disabled on the Settings subtab.

Related Topics

General Notices