ExtendSync for Outlook (NetSuite Edition) and ExtendInsights for Excel (NetSuite Edition) use NetSuite’s secure authentication methods, including:
Token-Based Authentication (TBA)
Single Sign-On (SSO)
Two-Factor Authentication (2FA)
Each time a user logs in, NetSuite generates a Token ID and Token Secret tied to:
The user
The NetSuite role
The NetSuite account
If too many tokens accumulate, NetSuite blocks new logins.
Symptoms
You may see one or more of the following:
Login fails with a message indicating the user has exceeded the maximum number of tokens
ExtendSync or ExtendInsights cannot authenticate
Login previously worked but suddenly stops
Why This Happens
NetSuite Token Limit (Known Limitation)
NetSuite enforces a maximum of 25 active tokens per user.
ExtendSync generates a new token on each login and automatically revokes it only when you log out properly using:
ExtendSync Menu → Log Out
If you regularly close your browser or clear cache without logging out, these tokens can accumulate over time and eventually reach the 25-token limit, preventing new logins.
Common Scenarios Causing Token Build-Up
🔵 User is using Outlook on the web
Behavior:
When using Outlook on the web, ExtendSync relies on the browser’s session storage.
This data is cleared automatically when the Outlook browser tab is closed, an action that’s beyond ExtendSync’s control.
If this happens before you log out via ExtendSync (Menu → Log Out):
The session reference to your NetSuite tokens is lost.
ExtendSync cannot automatically revoke the token.
Over time, these unrevoked tokens accumulate.
Best Practice:
Before closing the Outlook web browser tab, log out of NetSuite via ExtendSync (Menu → Log Out).
💡 Note:
If you exit your browser while the Outlook tab remains open and later restore your tabs, your session data will remain intact.
🔵 User has enabled 'Clear Cache On Exit' for their browser
Behavior:
If your browser is configured to clear cache upon exit, ExtendSync cannot trigger its logout sequence because the cached session data used to revoke tokens is deleted prematurely.
This is most common in:
Edge (default browser cache for modern Windows builds)
Internet Explorer (used in older Windows builds)
Best Practice:
Disable “Clear Cache on Exit” in your browser settings, or ensure you log out via ExtendSync before closing Outlook.
🔵 User manually clears their browser cache
Behavior:
If you manually clear your browser cache without logging out of ExtendSync, your next login will generate a new token.
Since the previous session’s token reference is deleted, it cannot be revoked. This leads to token accumulation.
Best Practice:
Always log out of ExtendSync before clearing browser cache.
How to Resolve the Issue
If you’ve reached the 25-token limit, you must manually revoke old or unused tokens in NetSuite.
In NetSuite, go to Setup → Users/Roles → Access Tokens.
Locate the user’s token list.
Select and revoke older or unnecessary tokens.
Once revoked, you can log back into ExtendSync normally.
✅ Verification
After revoking tokens:
User logs back into ExtendSync or ExtendInsights
Authentication succeeds
No token limit error appears
Need Help?
If you’re unsure which tokens to revoke or the issue persists:
🔎 Search support.cloudextend.io
💬 Chat with Support (bottom-right widget)
📧 Email cloudextend-support@celigo.com
Please include:
NetSuite user name
Approximate number of tokens shown
Screenshot of the Access Tokens page
We’re happy to help you restore access and prevent token-related issues going forward.