Add SAML Single Sign-on Permissions to Roles
You can customize a standard NetSuite role for use with SAML Single Sign-on (SSO) permissions. You can also add SAML SSO permissions to existing roles assigned to users that require this type of access.
If a role is already designated as two–factor authentication (2FA) required, and you add the SAML SSO permission to the role, the 2FA requirement will be ignored. The SAML SSO permission takes precedence.
To complete the following procedure, you must be logged in to NetSuite with an Administrator role. If you need more detailed information about creating roles in NetSuite, see Customizing or Creating NetSuite Roles.
To customize roles and add SAML permissions:
-
Go to Setup > Users/Roles > User Management > Manage Roles.
-
Choose a role and click Customize.
-
Create a unique and identifiable name for the role. For example, you could replace the word Customize in the role name with the word SAML.
-
Click the Permissions tab.
-
On the Setup subtab, select the appropriate SAML permission from the list, and click Add. There are two SAML permissions. Add one or both permissions to the role as appropriate. See SAML SSO Permissions.
-
Click Save.
For more information about SAML permissions, see the following:
Related Topics
- SAML Single Sign-on
- Configure NetSuite with Your Identity Provider
- Complete the SAML Setup Page
- Update Identity Provider Information in NetSuite
- IdP Metadata and SAML Attributes
- Interactions with NetSuite Using SAML
- SAML SSO in Multiple NetSuite Account Types
- NetSuite SAML Certificate References
- Remove SAML Access to NetSuite
- SAML SSO FAQ