CloudExtend Applications communicate with NetSuite using NetSuite web services. NetSuite does not support 2 Factor Authentication (2FA) for the web services version we use, therefore our Applications are not able to authenticate via 2FA.
To provide an extra level of security, NetSuite 2018.2 release requires all NetSuite users with privileged roles (Admin, Full Access) to use two-factor authentication (2FA).
We are currently working to enhance the login process to support Single Sign On (SSO) and Token Based Authentication (TBA) by the end of 2018.
In the meantime we suggest you follow the steps below to be sure CloudExtend will continue to work for you.
Recommended Process for users that need to sign in with roles that require 2FA or SSO
- Clone the role your NetSuite user would normally login under. Note, users on NetSuite 2018.2 and higher will not be able to use Admin or Full Access roles since NetSuite no longer supports these roles without 2FA.
- Be sure the following permissions are not enabled for the role:
- Access Token Management
- Two-Factor Authentication
- Two Factor Authentication base
- Be sure that the following permissions, at a minimum, are enabled
- Lists-Track Messages
- Perform search
- Check off ‘Web Services Only’
Checking off 'web services only' increases security by ensuring that users can only log in via apps such as CloudExtend. They will not be able to log in via the UI (ie www.netsuite.com).
- When signing in to NetSuite via CloudExtend applications be sure to select this new role.