Skip to main content


Workday Adaptive Planning KB

Permissions Required for Custom Roles in NetSuite Data Sources

Describes the custom role permissions needed in NetSuite to get the default set of tables from NetSuite into an Adaptive Insights NetSuite Data Source.

These permissions are only for the NetSuite data source in Integration. For NetSuite Basic permissions, go here.

When you create a custom NetSuite Web Services Only Role within NetSuite, this role typically needs a common set of permissions to get the default set of NetSuite tables, columns, records, and fields into Adaptive Insights.

Before You Begin

  • Log in to NetSuite as an admin
  • Understand what you need to load from NetSuite to Adaptive Insights for your organization

How to Edit Roles in NetSuite

  1. Log in to NetSuite as an administrator.
  2. Navigate to Setup > Users/Roles > Manage Roles.
    NetSuite - Setup - Users Roles - Manage Roles
  3. Click Edit for the role.
  4. Click Permissions at the bottom of the role page. The permission types appear as tabs.

NetSuite - Manage Roles - Edit Role - Permissions

Permissions for the Default Set of NetSuite Tables

Lists > Perform Search – FULL
Lists > Accounts – VIEW
Lists > Classes – VIEW
Lists > Customers – VIEW
Lists > Departments – VIEW
Lists > Employee Record - VIEW (required if the customer has the Advanced Employee Permission feature)
Lists > Employees – VIEW
Lists > Items – VIEW
Lists > Jobs – VIEW
Lists > Locations – VIEW
Lists > Projects – VIEW
Lists > Vendors – VIEW
Lists > Subsidiaries – VIEW (required for multiple subsidiaries)
Reports > Financial Statements – VIEW
Setup > Accounting Lists – VIEW
Setup > Deleted Records – FULL
Setup > Login using Access Tokens – FULL (required for NetSuite 2018.1 with token-based authentication)
Setup > User Access Tokens – FULL (required for NetSuite 2018.1 with token-based authentication)
Setup > Manage Accounting Periods – VIEW
Setup > SOAP Web Services – FULL
Transactions > Find Transactions – VIEW
Transactions > Each transaction type (e.g. Make Journal Entry, Opportunity, etc.) that you wish to process also needs to have its permission enabled for view access.

Permissions can be renamed in NetSuite. If you don't see a permission from this list, navigate in NetSuite to Setup > Company > Rename Records/Transactions and check for changed names. For example, Class could have been renamed Classification. Error messages use the original names.

Permissions for Subsidiaries

For NetSuite OneWorld accounts with multiple subsidiaries, grant access to all subsidiaries for the role accessing NetSuite. In the Subsidiary Restrictions section of the role page, set accessible subsidiaries to ALL.

Permissions for Custom Fields

These permissions are only required to retrieve custom fields from NetSuite.

Setup > Custom Body Fields – VIEW
Setup > Custom Column Fields – VIEW
Setup > Custom Entity Fields – VIEW
Setup > Custom Event Fields – VIEW
Setup > Custom Item Fields – VIEW
Setup > Other Custom fields – VIEW

Permissions for Custom Records

This permission is only required to retrieve custom field records from NetSuite.

Setup > Custom Record Types – VIEW

Permissions for Custom Segments

If you have a NetSuite Custom Segment, you need to grant permissions for the role accessing NetSuite in the NetSuite segment configuration. For more about permissions for Custom Segments, search the NetSuite help system for the topic Granting Roles Permission to Use Segments in Searches and Reports.

You can use Custom Segment permissions to resolve errors in the event log that indicate:

Permission Violation: You need a higher permission for value management of custom segment <segment name> to access this page. Please contact your account administrator.

Within NetSuite:

  1. Edit the custom segment.
  2. Select the Permissions subtab.
  3. Reference the role that requires access in the Permissions sublist.
  4. Review the sublist to see if the role is already there.
    • If the role isn't there, add a line to the sublist. Select the role in the Role column. Choose the needed access level in the Search/Reporting Access Level column. View the values for this role in the Value Management Access Level and Record Access Level columns. Review the Value Management Access permission carefully. This permission lets the user create values. Select Add.
    • If the role is already listed but can't manage values, edit the role's access. Find the role in the sublist. Set the corresponding value in the Search/Reporting Access Level column to Edit. Select OK.
  5. Set the default search/reporting access level in the Default Search/Reporting Access Level list. This access level applies to roles that doon't show up in the Permissions sublist with a specified access level.
  6. Select Save.


  • Was this article helpful?