Configuring Provisioning for NetSuite

This guide provides the steps required to configure Provisioning for NetSuite and includes the following topics:

• Features
• Requirements
• Configuration Steps in Okta
• Troubleshooting Tips

---

Features

The following provisioning features are supported:

• Import New Users

  New users created in the third party application will be downloaded and turned in to new AppUser objects, for matching against existing OKTA users.

• Import Profile Updates
• Push New Users

  New users created through OKTA will also be created in the third party application.

• Push Password Updates

  Updates made to the user's password through OKTA will be pushed to the third party application.

• Push Profile Updates

  Updates made to the user's profile through OKTA will be pushed to the third party application.

• Push User Deactivation

  Deactivating the user or disabling the user's access to the application through OKTA will deactivate the user in the third party application.

• Reactivate Users

  Reactivating the user through Okta will reactivate the user in the 3rd party application.

---

Requirements

Note: If you already have setup the NetSuite application with Admin Username and Admin Password authentication, your existing settings will still work, however if you need to change any provisioning settings you have to switch to Token Based authentication.

Complete the following before you configure provisioning for NetSuite:

Configure NetSuite

1. Enable the Web Services feature (the NetSuite web services feature needs to be enabled prior to submitting web services requests):

   • Log in to NetSuite as an administrator.

   • Navigate to Setup > Company > Enable Features.

   • Select the SuiteCloud subtab.

   • Check the Web Services box.

   • Click Save.

2. Obtain your AccountID:

   • Still logged into NetSuite as an administrator.

   • Navigate to Setup > Integration > Web Services Preferences.

   • Copy and save your Account ID as shown below:

     

3. Set up Token-Based Authentication (TBA):

   Note: You require a NetSuite account to access the links referenced in this step.

   • Follow the steps in this Getting Started with Token-based Authentication guide, and save your consumer key and consumer secret.

     • Enabling the Token-based Authentication Feature

     • Setting Up Token-based Authentication Roles

     • Assigning Users to Token-based Authentication Roles

   • Create a TBA Token by following the instructions in Access Token Management – Create and Assign a TBA Token instructions in the Managing TBA Tokens guide and save your Token Id and Token secret.

---

Configuration Steps in Okta

1. Configure your Provisioning settings for NetSuite as follows:

   • Click Enable API integration.

   • Enter your NetSuite API Credentials

     • Admin Account ID.

     • Consumer Key.

     • Consumer Secret.

     • Token ID.

     • Token Secret.

     

   • Select To App from the left menu, then enable the provisioning to app features you require.

   • Click Save.

2. You can now assign people to the app (if needed) and finish the application setup.

---

Troubleshooting Tips

• Problem with password push from OKTA to NetSuite:

  

OKTA and NetSuite by default use similar password policies, but NetSuite uses additional checks and can block too simple to guess password. Ensure users use strong enough passwords.