Token-based Authentication (TBA) for Users
As of 2027.1, no new integrations using TBA can be created for SOAP web services, REST web services, and RESTlets. Existing integrations will continue working. Use OAuth 2.0 for new RESTlets and REST web services integrations. For more information, see OAuth 2.0.
For users without a role that has the User Access Token permission, an administrator can create, assign, and manage access tokens.
Users also have the following options to obtain their own access tokens:
-
Users assigned a role that has the User Access Token permission can create, assign, and manage tokens for the current user and current role. For more information, see User Access Token - Create a TBA Token
-
An integration developer creates an application that requests user credentials and gives the user an access token. For more information, see The IssueToken Endpoint.
-
An integration developer creates an application that uses the TBA authorization flow. At the end of the flow, user gets an access token. For more information, see The Three-Step TBA Authorization Flow.
Tokens you create with Token-based Authentication in your NetSuite production account aren't copied to your Release Preview or sandbox accounts. To test this feature in Release Preview or a sandbox, you'll need to create new tokens in that account. Every time you refresh the sandbox, you'll need to create new tokens there.