Skip to main content

logoCorrectSize.png

Workday Adaptive Planning Knowledge Center

Generate Token-Based Authentication Keys in NetSuite

Explains how to generate token-based access keys required for NetSuite's two-factor authentication.

NetSuite 2018.1 and Two-factor Authentication

For enhanced security, NetSuite’s 2018.1 release requires two-factor authentication (2FA) for all highly-privileged roles in NetSuite production, sandbox, development, and Release Preview accounts. In NetSuite's 2019.1 release, two-factor authentication also becomes mandatory for new integration and API access.

This means the NetSuite user you set up to integrate with Adaptive Planning requires a role with token-based authentication access. You can grant token-based authentication for:

  • A new custom NetSuite role with only the specific permissions needed for integrating, following security best-practices
  • Or the existing administrator (role id=3) web services role

Prerequisites 

  • Log in to NetSuite as an administrator
  • Review the NetSuite account, email address, and NetSuite role you already use in Adaptive Planning

Basic Steps

  • Decide if you want to use a custom role to integrate Adaptive Planning with NetSuite (recommended) or use the existing administrator (role id=3) role

Configure a user with a custom role for integrating with Adaptive Planning (recommended)

  1. Turn on token-based authentication in NetSuite. 
  2. Create the integration record for the administrator. You cannot use the previously existing "Adaptive Insights Integration" record.
  3. Assign the token-based authentication role to a user whose credentials will be used for setting up the integration with Adaptive Planning.
  4. Create an access token for integrating with Adaptive Planning.
  5. Enter the keys in the Adaptive Planning user interface

Configure an existing administrator (role id=3) for integrating with Adaptive Planning

  1. Turn on token-based authentication in NetSuite.
  2. Create the integration record for the administrator. You cannot use the previously existing "Adaptive Insights Integration" record.
  3. Create the user access tokens for the administrator.
  4. Enter the keys in the Adaptive Planning user interface.

Decide if You Want to Use a Custom Role to Integrate Adaptive Planning with NetSuite 

If you want to follow best-practices, create a custom role with only the specific permissions needed to integrate NetSuite with Adaptive Planning. Grant this custom role token-based authentication.

If you already have an administrator (role id=3) you want to continue using for integration, you can create an integration record and user access tokens for it. The steps for an administrator appear at the bottom of this article.

Configure a User with a Custom Role for Integrating with Adaptive Planning (Recommended)

Turn on Token-based Authentication in NetSuite For the Role

  1. Navigate to Setup > Company > Enable features > Suite Cloud > Manage Authentication and select Token-Based Authentication.
    NetSuite - Setup - Suite Cloud - Token-based Authentication Enabled

  2. Navigate to Setup > Users/Roles > Manage Roles and click New to create a new custom role. Name the custom role "Adaptive Planning Integration."

  3. Give the role the permissions needed to integrate with Adaptive Planning  with token-based authentication and add the permission "Setup > Log in Using Access Tokens - FULL."
    NetSuite - Custom Role - Permissions - Log in Using Access Tokens
    For NetSuite Basic's permission read this article 
    For NetSuite enhanced integrations (NetSuite data sources in Integration) use these typical permissions.
  4. Save the role.

Assign the Token Based Authentication Role 

  1. Navigate to Lists > Employees > Employees > Edit User and select the user who manages data integration within Adaptive Planning.
    NetSuite - Lists - Employee - Edit Employee
  2. Click Access > Roles
  3. Assign the custom role you just created to the user.
    NetSuite - Employee - Assign Custom Role
  4. Navigate to Setup > Integration > Manage Integrations > New.
    NetSuite - Setup - Integration - Manage Integrations
  5. Enter the name "Adaptive Planning Integration" and click Token-based Authentication. Double check that State is set to Enabled.
  6. Click Save. This creates an Integration Record you will use to create access tokens.
  7. Copy and paste the following values for the integration record into a text file and save the file in a secure location you can access in the future:
  • Application ID (only used for your record keeping, not used by Adaptive Planning)
  • Consumer Key
  • Consumer Secret

Copy the information to a secure location before you navigate away from this page. It only displays once and can't be retrieved later.

These values are required to complete integration with Adaptive Planning. Next, you'll generate the Access Token and and Access Token ID values for the NetSuite user associated with your Adaptive Planning integration.

Create an Access Token

  1. Navigate to Setup > Users/Roles > Access Tokens and click New.
    NetSuite - Setup Manager - Users Roles - Access Tokens
  2. Select the application name "Adaptive Planning Integration" you created in the previous steps.
  3. Select the user and then the role you created. Select "Adaptive Planning Integration" and associate the Adaptive Planning integration record.
  4. NetSuite generates a response. Copy and paste the Access Token ID and the Access Token into the secure location you created in the previous steps.

Copy the response before you navigate away from this page. It only displays once and can't be retrieved later.

These values are also required to complete integration with Adaptive Planning.

Enter the Keys in Adaptive Planning

For NetSuite Data Sources in Integration

After Adaptive Planning releases support for token based authentication after November 29, 2018, follow these steps to enter your keys.

For NetSuite Basic

After Adaptive Planning releases support for token based authentication expected mid-January 2018, follow these steps to enter your keys.

Configure an Existing Administrator (role id=3) for Integrating with Adaptive Planning

Existing administrator (role id=3) web services users follow different steps than custom roles. Where administrators (role id=3) create access tokens within NetSuite is also different. 

Create the Integration Record for an Administrator

For existing administrator (role id=3) web services users, begin by creating the integration record.

  1. Navigate to Setup > Integration > Manage Integrations > New.
  2. Enter a Name "Adaptive Planning Integration" and click Token-based Authentication. Double check that State is set to Enabled.
  3. Click Save. You just created an Integration Record you will use for generating access tokens.
  4. Copy and paste the following values for the integration record into a text file and save the file in a secure location you can access in the future:
  • Application ID (only used for your record keeping, not used by Adaptive Planning)
  • Consumer Key
  • Consumer Secret

Copy the information to a secure location before you navigate away from this page. It only displays once and can't be retrieved later.

These values are required to complete integration with Adaptive Planning. Next, you'll generate the Access Token and and Access Token ID values for the NetSuite user associated with your Adaptive Planning integration.

Create the User Access Tokens for an Administrator

  1. Log in as the Administrator to NetSuite
  2. Click Manage Access Tokens in the Settings Portlet
  3. Click New My Access Token.
  4. Select the application "Adaptive Planning Integration" you want to associate the access token with.
  5. Click Save.
  6. Netsuite generates a response. Copy and paste the Access Token ID and the Access Token into the secure location you created in the previous steps.

Copy the information to a secure location before you navigate away from this page. It only displays once and can't be retrieved later.

These values are required to complete integration with Adaptive Planning.

Enter the Keys in Adaptive Planning

For NetSuite Data Sources in Integration

After Adaptive Planning releases support for token based authentication following November 29, 2018, follow these steps to enter your keys.

For NetSuite Basic

After Adaptive Planning releases support for token based authentication expected mid-December 2018, follow these steps to enter your keys.

View Token-based Authentication Audit Logs in NetSuite

You can view an audit log in NetSuite to check if the correct token elements get sent to NetSuite from Adaptive Planning during login attempts.

  1. Log in to NetSuite.
  2. Go to Setup > Users/Roles > Login Audit Trail Search.
  3. Select Use Advanced Search.
  4. Select the Results tab.
  5. Add the following to the results:
    • Token-based Access Token Name
    • Token-based Application Name
    • Detail
  6. Submit the search.
  7. Sort the most recent logins to the top and review the status and detail columns for your login attempts.

NetSuite - Login Audit Trail Search Results for Token-based Authentication

 

  • Was this article helpful?