Requirements for Using Token-Based Authentication
To use token-based authentication (TBA) during a SOAP web services request, you must meet several requirements, as described in the following sections:
General Setup Requirements
Before you can use token-based authentication, you must complete several setup tasks. These tasks include the following:
-
The Token-based Authentication feature must be enabled. For details, see Enable the Token-based Authentication Feature.
-
You must have created a role that permits login by using token-based authentication. For details, see Set Up Token-based Authentication Roles.
-
You must have assigned a user to a role that has permission to log in by using token-based authentication. For details, see Assign Users to Token-based Authentication Roles.
-
An integration record for the application must exist at Setup > Integration > Manage Integrations. On the integration record, the Token-based Authentication option must be enabled. For help creating an integration record, see Creating an Integration Record.
-
You must have the consumer key and secret that were generated when the relevant integration record’s Token-based Authentication option was enabled. If you do not have these credentials, you can generate new ones, for applications created in your NetSuite account. Note that if the record was distributed through bundling, the credentials were included in the bundle, and only the owner of the application can regenerate them. For details, see Regenerating a Consumer Key and Secret.
-
You must have created a token and token secret for the user who will send the SOAP web services request for this application. For details on this process, see Manage TBA Tokens in the NetSuite UI.
Additional SOAP Web Services Requirements
For an application to use token-based authentication during a SOAP web services request, all of the following must be true:
-
The request must use request-level credentials, not the login operation. For details on the difference, see Authentication for SOAP Web Services.
-
The request must use a TokenPassport object, not a Passport object. For help updating an integration to use a TokenPassport, see TokenPassport Complex Type and Updating a SOAP Web Services Integration to Send Token-Based Authentication Details.