It is not possible to provide detailed instructions for configuring NetSuite as a service provider (SP) with your identity provider (IdP). However, see the following procedure for basic guidance on what must be accomplished to set up SAML access to NetSuite with your IdP. The exact steps will vary, depending on your IdP. The procedure will also vary depending on whether the NetSuite application is already configured by your IdP, or if you must create the NetSuite application yourself with your IdP.
Note
Your IdP could be a web application or an on-premises solution. The NetSuite application could already be included in their list of SP applications. The IdP might have a setup wizard or a manual to guide you through the process.
To configure SAML with your IdP:
- Go to your IdP website or an on-premises administration console, and follow the application setup instructions from your IdP.
Note
You must create a new SP application for NetSuite. Refer to your IdP’s documentation for directions on how to do this.
2.Provide the NetSuite Service Provider Metadata to your IdP by one of the following methods
a. Upload the NetSuite SP metadata file, or:
b. Paste the URL for the NetSuite SP metadata file in the appropriate field with your IdP, or:
c. Manually configure SAML on the IdP side by copying information from specific fields in the NetSuite Service Provider Metadata file to the IdP.
If you need instructions because you must manually upload a certificate file, see Extract an Encryption Certificate or Signing Certificate from the SP Metadata File.
Your IdP (website or on-premises console)
3. Your IdP also has an IdP metadata configuration file. You must copy the URL for this file, or download the IdP metadata file. (Later, you must either enter the URL or upload the file into NetSuite on the SAML Setup page.)
4. With your IdP, you must assign (or provision) the NetSuite application to the SAML users in your account.
In many cases, the previous steps take care of all the information you need to provide to the IdP. For more information about signing assertions, encryption, and SAML attributes, see IdP Metadata and SAML Attributes.