NetSuite moving to 2 factor authentication, or “TBA”

As you may or may not have heard, NetSuite is changing the way that integrations are allowed to talk to within the program. They will use Token Based Authentication (TBA) when connecting to NetSuite. This is a much more secure option than the current username and password connection. All methods of integration will transition to the TBA method over the coming months.

What is TBA?

TBA is a widely accepted and adopted method that secures and authenticates a connection from one system to another. This process uses NetSuite to generate Tokens, which allow the integration access to the system. There are four different tokens that NetSuite will generate. Of the four, there are two “secret” tokens. Secret tokens do not get passed back to NetSuite during integration. These two secret tokens create an integration signature that NetSuite will authenticate. The remaining non-secret tokens create another connection that NetSuite can authenticate a second time.

NetSuite will use these tokens to not only identify the program that is connection to NetSuite, but also which user is making the request. As part of the TBA capabilities, NetSuite allows you to revoke or disable a certain set of tokens if you wish, triggering NetSuite to reject all future connection attempts with this integration.

NetSuite is rolling this security upgrade out in 2 phases. Phase 1 is part of the 2018.2 release and phase 2 will be rolled out with the 2019.1 release.

What’s Next?

So what do you need to do and when? When 2018.2 is released, all integrations connected to NetSuite using a Highly Privileged permission will need to be TBA formatted or the connection will be rejected. These are all standard and custom roles based off of:

  • Administrator
  • Marketing Administrator
  • Sales Administrator
  • Support Administrator
  • System Administrator

When NetSuite releases 2019.1 NetSuite will require all integrations regardless of role to use TBA. If you do not upgrade the integration, your connection to NetSuite will fail every time.

RSM US has professionals that have helped many clients and companies alike get ahead of this change and update their current integrations to use NetSuite’s TBA process. If you have any questions or you are experiencing connection failures please reach out to us at [email protected] and we will be in contact with you to help you with this process.