Create Tokens in the NetSuite UI

The following section applies to both the SuiteTalk and SuiteQL schema if using OAuth 1.0

An older model that may still be used by admins is to simply create and assign a token directly in the NetSuite UI. Doing this will allow you to bypass the normal steps for generating an OAuth Access Token. This may be desireable if you would like to have more direct control over giving access, although it will always require manual steps to be taken in the UI each time. Instead, follow these steps to create a token in the UI:

• In NetSuite, log in as an administrator role and navigate to Setup --> Company --> Enable Features --> SuiteCloud --> Manage Authentication. Make sure Token-Based Authentication and TBA: Authorization Flow are checked and save changes.
• Navigate to Setup --> Integration --> Manage Integrations.
• Create a new integration and select Token-Based Authentication.
• When the integration is created, the Consumer Key and Consumer Secret displayed will map directly to the OAuthClientId and OAuthClientSecret connection properties. Write these down.
• Create a token role by navigating to Setup --> User/Roles --> Manage Roles and either create a new role or edit an existing role.
• Under Permissions --> Setup, the role must have the User Access Token: Full, Access Token Management: Full, and Web Services: Full permissions.
• Add the role to a user under Lists --> Employees --> Employees. Select to edit an employee and add the new token role under Access --> Roles.
• Navigate to Setup --> User/Roles --> Access Tokens and create a new access token. Select the application name as the integration that was created earlier, and the same user and role that were updated in the previous steps.
• After creating the access token, a Token Id and Token Secret will be displayed. These map directly to the OAuthAccessToken and OAuthAccessTokenSecret. Write these down.

After creating the access token, a connection can now be made using the values obtained from the previous steps. Specify these connection properties at a minimum to connect:

• AccountId specifying the account to connect to.
• OAuthClientId the Consumer Key displayed when the application was created.
• OAuthClientSecret the Consumer Secret displayed when the application was created.
• OAuthAccessToken the Token Id when the access token was created.
• OAuthAccessTokenSecret the Token Secret when the access token was created.