User Provisioning on Infisign - NetSuite

The Document contains the steps needed to enable the configuration of User Provisioning for NetSuite with the following topics:

  • Features
  • Requirements
  • Configuration Steps
  • Schema Discovery
  • Migration Flow
  • Limitations
  • Troubleshooting Tips


The following provisioning features are supported:

  • Profile Source
  • Import New Users
  • Import Profile Updates
  • Push New Users
  • Push Password Updates
  • Push Profile Updates
  • Push User Deactivation
  • Reactivate Users

Netsuite specific features:

  • Work with Token-Based Authentication
  • Supports custom fields for Employees
  • Push, Update and Download Employee Groups


If user have already set up the NetSuite application with Admin Username and Admin password authentication, then the existing settings will continue to work. However if you need to change any provisioning settings, you need to switch to Token Based authentication. Once done Complete the following steps before you configure provisioning for Netsuite

Configure NetSuite

  1. Enable the Web Service feature
    1. Log in to NetSuite as an administrator.
    2. Go to Setup > Company > Enable Features.
    3. Select the SuiteCloud subtab.
    5. Select the Manage Authentication section.
    6. Check TOKEN-BASED AUTHENTICATION (click I Agree on the SuiteCloud Terms of Service page if needed).
    7. Click Save

  1. Obtain your Account ID
    1. Still need to be logged into Netsuite as an Administrator
    2. Goto to Setup > Integration > Web Services Preferences.
    3. Here Copy and Save your Account ID

  1. Set Up Token-Based Authentication (TBA):  (Setting Up Token-based Authentication Roles)

Note: Here you should require a Netsuite account to access NetSuite link which is referenced in this document

    1. Goto Setup > Users/Roles > Manage Roles
    2. Now create a New Role
    3. In the Subsidiary Restrictions section, select all available SUBSIDIARIES:

d. Add the following permissions to this Role

  1. Assign a User to the Token-based Authentication Role
    1. Now Navigate to Lists > Employees > Employees.
    2. Click Edit next to the name of the employee you want to assign the token-based authentication role.
    3. Click the Access tab.
    4. In the Role field, select the token-based authentication role for this employee.
    5. Click Add.
    6. Click Save.

  1. Create an Application for Token-based Authentication:
    1. Navigate to Setup > Integration > Integration Management > Manage Integrations > New.
    2. Enter a Name for your application.
    3. The application State is Enabled by default. (The other option available for selection is Blocked).
    4. Check the Token-based Authentication box on the Authentication tab.

e. Click Save. Now the confirmation page will displays the Consumer Key and the Consumer Secret for this application.

  1. Create a TBA Token and save your "Token Id" and "Token Secret":
    1. Login as a user with the Access Token Management permissions.
    2. Goto Setup > Users/Roles > Access Tokens > New.
    3. The Access Token page displays.
    4. On the Access Token page:
      1. Select the Application Name.
      2. Select the User.
      3. Select the Role.
      4. The Token Name is already populated by default with a concatenation of Application NameUser, and Role. Enter your own name for this token, if desired.
      5. Click Save.

The confirmation page displays the Token ID and Token Secret.

Infisign requires the below set of information

  1. Client ID
  2. Client Secret
  3. Token ID
  4. Token Secret

Still need help? Contact Us Contact Us