Authentication

Outbound Single Sign-on (SuiteSignOn) End of Support in NetSuite 2025.1

As of NetSuite 2024.1, support for the Outbound Single Sign-on (SuiteSignOn) feature ended in non-production accounts, such as sandbox accounts. As of NetSuite 2025.1, this feature will no longer be supported in production accounts.

If you want to keep your integrations working, you must replace them with new integrations using the NetSuite as OIDC Provider feature. This feature is more secure, modern, and a more reliable authentication method. For more information, see NetSuite as OIDC Provider. Consider switching to the NetSuite as OIDC Provider feature as soon as possible.

End of Support for RSA PKCSv1.5 Scheme for OAuth 2.0

As of March 1, 2025, the RSA PKCSv1.5 scheme in algorithms for token signing for the OAuth 2.0 client credentials flow will no longer be supported for security reasons.

Update your integrations to use the RSA-PSS scheme, if you want to keep them working. The length of the RSA key must be 3072 bits, or 4096 bits. Alternatively, you can use an EC key instead. The length of the EC key must be 256 bits, 384 bits, or 521 bits.

If you use any integrations provided by a third party, you must inform the third party to update the integrations to use the RSSA-PSS scheme, or the EC key.

For more information and examples, see OAuth 2.0 Client Credentials Setup.