Tutorial: Setting Up Token-based Authentication (TBA) for SuitePOS

Tutorial: Setting Up Token-based Authentication (TBA) for SuitePOS

SuitePOS uses Token-based Authentication (TBA). This is a NetSuite requirement and makes things more secure, reduces management at the terminal level and makes SuitePOS login independent of NetSuite account password policies. 

In summary, setup of TBA takes the following steps:
  • Enable TBA for your NetSuite account
  • Generate an Integration Record for SuitePOS
  • Generate an Access Token for the your active SuitePOS iOS Device role. 
  • Contact SuiteRetail Support with the 4 Tokens
  • Login to SuitePOS

STEP-1 Enable TBA

You need to make sure your NetSuite account is enabled as follows:

Enable Features

Enable Scripting and Token-based Authentication:

Set permissions on the active SuitePOS Device role

Enable Login Using Access Tokens:

STEP-2 Create an Integration Record for SuitePOS

Ensure the follow fields are set:

Make a copy of the Consumer/Client Key and Secret to a text file (YOU ONLY HAVE ONE CHANCE TO DO SO)
A NetSuite Admin or any NetSuite User that has a role with "Manage Tokens" permission will be able to create Access Tokens for specific application integrations.
The active SPOS iOS Device role being used must have the "Login using Access Tokens" permission enabled.

STEP-3 Generate Access Tokens for SuitePOS

For the specific active SuitePOS Device Role and NS user, generate an Access Token (one only)

Currently we only support ONE Access Token per integration.

Best Practices
  • Do not use a temporary or transient NS User/Role to create Access Tokens. If you disable this user, the Access Tokens expire and therefore the integration will not work.
  • It is recommended you create a separate and dedicated NS User/Role to create the Access Token. This will better serve NetSuite Audit Trail requirements since the records SuitePOS creates will be confined to a specific SuitePOS integration and not co-mingled with an existing user.  eg. SPOS@.com.
  • Copy all Keys to a safe place. You may need them in the future (versus regenerating them if forgotten). 

STEP-4 Contact SuiteRetail with the 4 Access Tokens

Contact SuiteRetail Support with the following:

Consumer Key/Client ID: xxxxxxxxxxxxxxx
Consumer Secret/Client Secret: xxxxxxxxxxxxxxxx

Token ID: yyyyyyyyyyyyyyy
Token Secret: yyyyyyyyyyyyyyy

STEP-5 Login to SuitePOS

Once the Keys are on the Entitlement/License Server you will then be able to Register (or Re-Register) SuitePOS with NetSuite by simply entering your NetSuite Account ID.

Changes to any of the tokens and/or Sandbox refresh

If you need to regenerate the tokens - STEP 4 (Contact SuiteRetail Support) and STEP 5 (re-registration) will need to take place. This will occur more often in Sandbox environments when a Sandbox is refreshed.
For Sandbox Refresh, you will need to contact SuiteRetail Support with only the new Access Token and Secret since the integration token will be there from your production account (if  the Consumer Key/Secret tokens were originally generated in production - if not, you will need to do all of STEP 4 so that the Consumer Key/Secret are fixed in place).

    • Related Articles

    • Tutorial: Time-based Promotions

      Requires the purchase of the SuitePOS Advanced Promotions Module With the Advanced Promotions Module. you can specify start and end dates for whole order or item level promotions. Now you can specify start and end times. For example, this feature is ...
    • Setting up Salesforce taxes

      SuitePOS can be configured easily in Salesforce by setting the tax code and tax rate on the POS Settings record. The can then be applied to a group of terminals - typically representing a group of store locations. For more complex tax situations, ...
    • Tutorial: Setting up Dual Display

      Dual Display outputs a SuitePOS shopping cart in real-time to an external monitor or HD TV screen. Each line item, the quantities and running totals (including promotions and discounts) are displayed to the shopping. Certain retail environments may ...
    • Tutorial: Installing SuitePOS for Salesforce

      Pre-requisite: Currently, only the Salesforce Enterprise Edition with "Person Accounts" enabled is supported. The retailer is responsible for installation, applying the upgrades to the SuitePOS package and app, and testing. It is recommended that ...
    • Tutorial: Salesforce Registration and OAUTH 2.0

      In order for SuitePOS to work you will need to first create a POS Terminal record using the 'Device Id" of the terminal and allocate it to a POS Settings record (which contains all of the configuration parameters). Once that is complete, you then ...