Role is Missing from Role Page

#Cases Related

  • Administrator just added a new role for a specific user. User does not see the role under View All Roles page.
  • The user’s custom role is missing from the Choose Role Page.
  • Newly Added Role does not Appear in the Choose Role Page of the Sandbox/Production Account
  • Custom Role is Missing from the Choose Role Page
  • Netsuite user to only be used for APIs

Reason

The Web Services Only role and Single Sign-on feature Only might be enabled.

Solution

  1. Navigate to Lists > Employees > Employees
  2. View the record of the employee having this issue
  3. Under Access tab > Roles sub tab click the name of the role
  4. In the Role page, Navigate to the Authentication subtab, make sure Web Services Only role and Single Sign-on Only check-boxes are unchecked

Note: Make sure that you are in View Mode so that the Roles in Step#3 will be clickable

Extra Reading

WEB SERVICES ONLY ROLE

Originated For

A role designated as Web Services Only prohibits the user from accessing NetSuite through the UI. The intention is to enhance the security of your integrations. However, checking the Web Services Only box does not exclude access to NetSuite by other non-UI methods. Be aware that a Web Services Only role could combine with other access permissions. For example, if you designate a role as Web Services Only, and that role (or a user) also has SuiteAnalytics Connect permissions, the user could also access NetSuite through ODBC.

This will allow the user to log in only through a web services application and disallow user interface access and privileges. This role prohibits a user from accessing the system with permissions and privileges that are created specifically for Web services development. This role adds to the security of your integration

SAML Single Sign-on permission

Roles that have this permission are treated differently and don’t show up in View All Roles page unless the user used SAML authentication to sign-in. This is by design, SAML roles and non-SAML roles should not be mixed together. For the user to see the SAML enabled role, the user must login through SAML Single Sign-on.

NoteWhen a role with SAML Single Sign-on permission is added in Production and a Sandbox Refresh is initiated, the role would appear in the View All Roles page when accessing the Sandbox Account (after refresh is complete).

Leave a comment

Your email address will not be published. Required fields are marked *