Steps to configure SAML SSO for NetSuite
About NetSuite
NetSuite is a cloud-based enterprise resource planning (ERP) software suite that provides organizations with a full suite of applications to run their businesses efficiently and accelerate growth.
The following steps will help you enable single sign-on (SSO) for NetSuite from Identity360.
Prerequisites
- The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications. For more information, refer to pricing details.
- Log in to Identity360 as an Admin or Super Admin.
- Navigate to Applications > Application Integration > Create New Application, and select NetSuite from the applications displayed.
Note: You can also find NetSuite from the search bar located at the top.
- Under the General Settings tab, enter the Application Name and Description.
- Under Choose Capabilities tab, choose SSO and click Continue.
General settings of SSO configuration for NetSuite
- Under Integration Settings, navigate to the Single Sign On tab, select SAML from the Method drop-down, and click Metadata Details.
- Copy the Logout URL value, which will be used later during the configuration of NetSuite.
- Download the metadata file to be uploaded during the configuration of NetSuite by clicking Download from the Metadata field.
Integration Settings of SSO configuration for NetSuite
NetSuite (service provider) configuration steps
- Sign on to NetSuite with your user credentials.
- Go to Setup > Company > Enable Features.
- Select SuiteCloud from the Enable Features menu.
- Scroll down to the Manage Authentication section.
- Check SAML SINGLE SIGN-ON.
- Click Save.
- On the top menu, select Setup > Users/Roles, then click Manage Roles.
- The Manage Roles section that contains a list of all the roles assigned in your organization will open. Select Edit for a role for which you want to enable SAML.
- Scroll down to the Permissions tab and select Setup.
- Select the SAML Single Sign-on option, and ensure that the granted permissions are set to Full, and then select Add.
- Click Save.
Note: Assign the above permission only to roles that need the ability to utilize the SAML SSO connection (for example, admin roles).
- Go back to Setup > Integration > SAML Single Sign-on.
- The SAML Setup page opens. Enter the following:
- LOGOUT LANDING PAGE: Paste the Logout URL that you copied in step 6(i) of prerequisites.
- Enable the PRIMARY AUTHENTICATION METHOD box to redirect users to the Identity360 login page.
- UPLOAD IDP METADATA FILE: Select UPLOAD IDP METADATA FILE, then select Choose File to locate and upload the metadata file downloaded in step 6(ii) of prerequisites.
- Click Submit.
Identity360 (identity provider) configuration steps
- Switch to Identity360's application configuration page.
- Enter the Relay State parameter, if necessary.
Note: Relay State is an optional parameter used with an SAML message to remember where you were or direct you to a specific page after logging in.
- In the Sub Domain field, enter the subdomain name of your NetSuite account. For example, if your NetSuite URL is https://zilliumcorp.netsuite.net, then zilliumcorp is the subdomain.
- Click Save.
Integration Settings of SSO configuration for NetSuite
- To learn how to assign users to one or more applications, refer to this page.
Your users should now be able to sign in to NetSuite through the Identity360 portal.
Note: For NetSuite, both SP-initiated and IdP-initiated flows are supported.
Steps to enable MFA for NetSuite
Setting up MFA for NetSuite using Identity360 involves the following steps:
- Set up one or more authenticators for identity verification when users attempt to log in to NetSuite. Identity360 supports various authenticators, including Google Authenticator, Zoho OneAuth, and email-based verification codes. Click here for steps to set up the different authenticators.
- Integrate NetSuite with Identity360 by configuring SSO using the steps listed here.
- Now, activate MFA for NetSuite by following the steps mentioned here.
How does MFA for applications work in Identity360?