Skip to main content
All CollectionsGeneralFAQ
NetSuite message regarding mandatory two-factor authentication policy summary
NetSuite message regarding mandatory two-factor authentication policy summary

Learn how CloudExtend has prepared for NetSuite's mandatory 2FA

Updated over 3 months ago

Customers have reported receiving emails from NetSuite reminding them that certain highly privileged roles require two-factory authentication. The entire message from NetSuite is at the end of this article for your reference. NetSuite's definition of highly privileged roles is here. It should be noted that you may be receiving this email from NetSuite for integrations other than CloudExtend.

Most CloudExtend Apps support 2FA as seen below. Read on for a per App summary of any actions your org may need to take.

ExtendSync for Outlook NetSuite

ExtendSync Outlook users can login with highly privileged roles that require 2FA as long as they have properly configured the permissions for those roles. See this article for full details.

ExtendInsights for Excel NetSuite

ExtendInsights users can login with highly privileged roles that require 2FA as long as they have properly configured the permissions for those roles. See this article for full details.

ExtendSync for Google NetSuite

ExtendSync Google users can manually create login tokens (or have their Admins create them) as outlined here.

NOTE - this is only necessary if users are editing records inside the Gmail extension. All other activities such as attaching emails and files can be performed without logging into NetSuite via ExtendSync.


Email message from NetSuite below

You are receiving this notice because some of your RESTlets or SOAP web services integrations still use user credentials as an authentication method for the Administrator or other highly privileged roles.

This approach is prohibited, because authenticating with user credentials is not compliant with the Mandatory Two-Factor Authentication (2FA) policy for Administrators and other highly privileged roles. To comply with this policy, you must use Token-based Authentication (SuiteAnswers ID 41827), or OAuth 2.0 (SuiteAnswers ID 91092) for your integrations.

Mandatory 2FA Policy Summary
Administrators and other highly privileged roles must authenticate in a way that is compliant with the Mandatory 2FA policy for UI and non-UI access to NetSuite. Using user credentials to access NetSuite through the Application Programming Interface (API) for these roles is prohibited as the authentication method is not compliant with the Mandatory 2FA policy. NetSuite offers other authentication methods that are compliant with the policy and strengthen security of your account: Token-based Authentication and OAuth 2.0.

For more information about Mandatory 2FA, see Permissions Requiring Two-Factor Authentication (2FA) (SuiteAnswers ID 70234), and Mandatory Two-Factor Authentication (2FA) for NetSuite Access (Suite Answers ID 76766).

Required Actions
To be compliant with the Mandatory 2FA policy, you must use either Token-based Authentication or OAuth 2.0 as the authentication method for your integrations when authenticating as an Administrator or other highly privileged roles.

You should update your RESTlets and web services integrations as soon as possible to use one of these authentication methods.

If a partner or third-party supplied your integration and you are unable to change the authentication method, contact the partner or third party and request that they make the required changes.

If you have additional questions, please contact NetSuite Customer Support.


Thank you,
The Oracle NetSuite Team

Did this answer your question?