Enable SAML in Multiple NetSuite Account Types

The following procedures do not contain all the details for setting up and configuring SAML. For more details on each step, see the following topics:

Share SAML IdP Metadata in Multiple NetSuite Accounts

You’ll need to follow a special process if you want to add a new account to your existing SAML setup and share the same IdP metadata with it.

Important:

Completing this procedure is only required if you want to add a new account that shares the same configuration with your current accounts. Multiple accounts can share the same IdP if the metadata files are identical.

For example, perhaps you currently use the same SAML metadata for your production and sandbox accounts. You decide you want to purchase another sandbox account and want to use the same SAML metadata in that new account. Or perhaps you want to set up SAML in your Release Preview account. You have two options for setting up SAML and sharing SAML metadata with additional NetSuite accounts.

You should follow the procedure for the preferred option, see Redefine the IdP Configuration.
However, if the preferred option is not feasible for your situation, see Upload an existing IdP metadata file to All New Accounts.

Important:

Ensure you are not sending the account attribute. Using the account attribute locks users in a single account, unable to switch between multiple accounts that trust the same IdP.

If you previously set up your IdP configuration with the account attribute, you must update your IdP configuration. For more information, see Configure NetSuite with Your Identity Provider.

View the following steps to avoid receiving an error when uploading and saving a metadata file from your IdP:

Share SAML IdP Metadata in Multiple NetSuite Accounts

Related Topics