All Collections
Authentication Guides
NetSuite - Token-Based Authentication
NetSuite - Token-Based Authentication
Jack Cavalier avatar
Written by Jack Cavalier
Updated over a week ago

Step 1: Finding your NetSuite Account ID

1.) Log into your NetSuite portal.

2.) Copy the subdomain of the URL at the top of your browser and enter it within Merge Link.

  • Your NetSuite Account ID is the combination of letters or numbers before ""

  • For example, if your URL is "", the value to input within Merge Link is 7600508

Step 2: Enable Web Services and Token Based Authentication

1.) In your NetSuite account, go to Setup > Company > Enable Features or search Enable Features in the search bar.

  • You must be an Administrator of your NetSuite account to see this option.

2.) Under SuiteCloud, check the boxes next to SOAP WEB SERVICES and REST WEB SERVICES.

3.) Also under SuiteCloud, ensure the box next to TOKEN-BASED AUTHENTICATION is checked.

Step 3: Import the Setup Bundle to Create a Role

1.) In your NetSuite account, navigate to Customization > SuiteBundler > Search & Install Bundles or search Search & Install Bundles in the search bar.

2.) Search for and select one of the Merge Permissions Bundles.

  • Note, there are two available bundles. The Merge Read-only Permissions Bundle will allow for read-only access and the Merge Full Permissions Bundle will allow for read and write access.

3.) Select the Bundle that fits your use case and click Install.

4.) The bundle will begin installing. It may take up to 5 minutes to install and you may be re-routed to the Installed Bundles page when the installation is complete.

The bundle creates a Role that is used to authenticate to NetSuite's API. If you'd like a full list of the Role's permissions, see this article. The Role's permissions may be updated or a separate Role may be used, but doing so could result in permissions issues.

Step 4: Assign a User to the Role

1.) Navigate to Setup > Users/Roles > Manage Users or search Manage Users in the search bar.

2.) In the Manage Users page, either select a user to assign the Role to or create a new user.

  • Most users use an existing user (often yourself) so that an additional NetSuite seat is not consumed.

  • To create a new user, however, go to Lists > Employees > Employees > New. Create the user and grant them NetSuite access by going to the Access tab in the Employee record and select 'Give Access'.

3.) In the user's employee record, click Edit and go to the Access tab. In your Access tab, go to Roles and select the Role you imported through the Import Bundle process in Step 3.

4.) Click Save to apply these changes.

Step 5: Create an Integration to Obtain your Consumer Key and Secret.

1.) Once the user and the role are set up, navigate to Setup > Integration > Manage Integrations > New.

2.) Create an integration with the below details:

  • Any value can be populated in the NAME field.

  • The CONCURRENCY LIMIT should be left unpopulated.

  • Ensure the REST WEB SERVICES box is checked under SCOPE


  • Fill in the CALLBACK URL and REDIRECT URI with a value of

3.) Once the integration is saved, you will receive a Consumer Key and Consumer Secret (at the bottom of the confirmation screen). This will only be shown once, so keep them in a secure place!

Step 6: Creating an Access Token to Obtain your Token ID and Secret.

1.) In your Setup tab, go to Users/Roles, Access Tokens, > New or search New Access Token in the search bar to begin creating a New Access Token.

2.) Ensure the below details are selected and click Save.

  • Application Name: Name of the Integration created in Step 5

  • User: User that the Role was added to during Step 4

  • Role: The imported role (either Merge Full Permissions or Merge Read-only Permissions)

3.) Copy the Token ID and Token Secret and store them in a safe place. They will only be shown once!

Step 7: Paste your NetSuite Consumer Key and Secret and Token ID and Secret into Merge Link

  1. Consumer Key: Confirmation screen after creating the integration (Step 5)

  2. Consumer Secret: Confirmation screen after creating the integration (Step 5)

  3. Token Id: Confirmation screen after creating your Access Token (Step 6)

  4. Token Secret: Confirmation screen after creating your Access Token (Step 6)

Did this answer your question?