This article will teach you how to solve the most common permissions-related challenges with your NetSuite integrations on the SyncApps platform.
Most Common Problem in NetSuite Integration: No Errors But the Integration Fails
If you do not receive any errors, yet your records are still not synced, please check if you have set your NetSuite Role to view all or only the selected subsidiaries in your NetSuite Account.
What Level of Permission Does My NetSuite Integration Account Need?
- 2FA is required for Integration Object and Administrator/API Roles.
- While using Token-Based Authentication, you can not create and update users with Administrator and Full Access roles due to NetSuite security parameters.
- NetSuite will still allow the use of a custom role with Full permissions on some objects (Contacts, Customers, etc.).
NetSuite permissions added to a role or employee can take up to a day to take effect in NetSuite. Using Token-Based Authentication, please see here.
Best Practices for SyncApps Integration Setup for NetSuite Role/Permissions
1. Create a NetSuite Custom Role
2. Assign required permissions to the NetSuite Custom Role (Permissions List based on integration)
3. Assign the role to the NetSuite username used in your SyncApps integration
4. Specify the Role ID in Set Up configuration (this step is not needed if you use Token Based Authentication)
Getting the hang of it?
Now you need to have the specific PERMISSIONS LIST for the role:
Please assign the following permissions (Full) to the NetSuite Custom Role.
Adding new permissions in NetSuite can take up to 24 hours to take effect.
Required Permissions for NetSuite Integrations
1) Lists - Customers (if you have renamed this Entity in NetSuite, please select the Entity name instead)
2) Lists - Contacts (Contact Roles)
3) Lists - Marketing Campaigns
4) Lists - Marketing Template
4) Setup - Customer Status
5) Setup - Custom Fields
6) Setup - Custom Body Fields
7) Setup - Custom Entity Fields
8) Setup - Custom Record Types
For accessing any custom field with custom record reference, please make sure you also assign Lists > Custom Record Entries permission.
9) Setup - Custom Lists
10) Setup - CRM Lists
11) Setup - Deleted Records (for Deleted Customer/Contact sync)
12) Setup - Setup Campaigns (for Subscription sync)
13) Setup - Set up SOAP Web Services
14) Setup - User Access Tokens (for Token-Based Authentication)
15) Transactions - Find Transaction (if you use this type of Saved Search)
16) Transactions - Sales Order, Return Authorization, Quotes, Estimates, Invoices, etc. (if using these types of Saved Searches)
17) Lists - Partners (if using this type of Saved Search)
18) Lists - Vendors (if using this type of Saved Search)
19) Lists - Employees (if using this type of Saved Search)
20) Lists -> Employee Record if accessing the Sales Rep field in NetSuite.
Please continue scrolling down, as you might have other integrations with SyncApps that require more permissions.
For Support Integrations, You Will Also Need to Assign the Following NetSuite Permissions to Full:
1) Lists - Case
2) Lists - Employees
3) Lists - Employee Record
4) Lists - Events
5) Lists - Track Messages (for Comment sync)
6) Setup - Support Case Origin
7) Setup - Support Case Priority
8) Setup - Support Case Status
9) Setup - Custom Event Fields
10) Setup - Support Case Type
For the Zendesk App for NetSuite or Freshdesk for NetSuite, You Will Also Need to Assign the Following NetSuite Permissions to Full
1) Transactions - Sales Order
2) Transactions - Cash Sale (for some Customized apps)
3) Transactions - Item Fulfillment
4) Transactions - Fulfill Sales Orders
5) Transactions - Return Authorization (for RMA creation feature)
For the Mailchimp eCommerce Feature, the Following NetSuite Permissions Are Also Needed:
1) Transactions - Sales Order
2) Lists - Items
3) Setup - Custom Item Fields
4) Setup - Custom Transaction Fields
5) Transactions - Find Transactions
6) Setup Accounting Lists
7) Custom Record - Customer type
8) Lists - Currency
9) Lists - Locations
10) Lists - Documents and Files
All standard or custom fields that need to be updated by SyncApps must be displayed and editable in the preferred form. If the field default access is View, please add Edit permission to the role that is used for integration.
SyncApps will not integrate NetSuite inactive or Hard/Soft Opt-Out records due to API limitations.
Field Mapping Error
Do you have custom fields to map between NetSuite and Zendesk?
Additional Field Mapping is optional in your Set Up as primary ticket fields such as subject, description, type, status, and priority are already mapped.
Try out in edit mode in your Set-Up in step, Field Mapping.
If you get an error like the one below, please add 'Custom Event Fields' permission to your NetSuite record.
- Permission Violation: To access this page, you need the 'Custom Event Fields' permission. Please get in touch with your account administrator. (Error code: INSUFFICIENT_PERMISSION)
Need NetSuite Customer to Zendesk Organization fields to map over? See here.
Saved Search Errors
Suppose your NetSuite integration cannot get a specific Saved Search ID, which you entered in your integration setup, or you have any Custom Record creation issues. In that case, the SyncApps will produce the following errors:
- Marketing Metrics-related error (ERROR Unable to get or create a custom record for email marketing history)
- A saved search with the internal ID xxx does not exist. (Error code: INVALID_SAVEDSEARCH)
SyncApps return these errors in one of the following cases:
- The specified Saved Search is not a Contact, Customer, or Transaction Saved Search.
- The invalid/wrong Object Type is selected in the configuration.
- The specified ID is not a Saved Search Internal ID (Internal ID must be a number). To find the Saved Search internal ID (numeric), look for the ID, which is at the end of the NetSuite Saved Search URL in your browser when you run it.
- The Saved Search is not set to "Public."
- Insufficient Permissions for saved search or custom records.
To quickly resolve this issue with your NetSuite Administrator or on your own, try the following steps:
1. Make sure that the Saved Search Type is correct.
2. The Saved Search Object Type in the configuration must match the one in NetSuite; otherwise, you will get an invalid Saved Search error.
3. In the Saved Search definition, make sure the "Public" checkbox is checked for the specified NetSuite Saved Search. Also, change the Saved Search owner to the NetSuite username used in your SyncApps setup on Cazoomi.
4. Try to run the sync to see if it works. If the error persists, proceed with the following steps.
5. Assign NetSuite "Publish Search” global permission to the username that is used in SyncApps. Once the permission has been assigned, try to re-run the sync.
If you still get the same error, please try to recreate a new Saved Search based on the current Saved Search criteria in your NetSuite account.
You can also try to use another NetSuite username to test.
Please add "Employee Record" permission.
The Employee Record permission is a part of the Advanced Employee Permissions Enhancements for release 2018.1. The Employee Record permission replaces the Employee Search and Employee Navigation permissions introduced in NetSuite 2017.2. In combination with employee-specific permission, roles assigned with this permission can search for employees and see employee menus (List > Employees) within NetSuite.
03 Mar 2021 14:08:09
Unable to find support employees for firstname.lastname@example.org. You cannot perform this search because you do not have permission to access employee data. For more information, contact your system administrator. (Error code: USER_ERROR)
Next, save the user, then re-add the NetSuite role permission again. Please note it takes up to 24 hours for new permissions in NetSuite to take effect.
"Unable to Log in to NetSuite" Error
Have you encountered an ‘Unable to log in to NetSuite’ error when trying to update/modify your Set Up?
When you try to modify your Set-Up, make sure that your email, account number, and password are correct. Make your default NetSuite login the role as Admin, and make Admin as Web Services preferred role. Moreover, you can add Full Web Services permissions to the User in NetSuite.
If you did all these and still get this error, please look here; the error is different yet seems related. Just follow the steps from that article to solve the error.
Please assign the following Global Permissions (set to Full) on the NetSuite user used in SyncApps:
3) Custom Fields
4) Custom Body Fields
5) Custom Entity Fields
6) Custom Record Types
7) Custom Lists
8) Web Services
9) Transactions (if you use this type of Saved Search)
10) Partners (if you use this type of Saved Search)
If the error persists after changing the password, please make sure that Chrome Password Saver or PasswordSafe is disabled. Also, try Chrome Incognito mode if needed.
Check out our blog on How to Avoid the Most Common Permissions Challenges in Integrating with NetSuite
Need Some Help with a Human Touch?
Check out the options below on how you can contact our Support Team and find the answers you need to help you with your SyncApps integrations.
Help Center & Email is 24/7 to email@example.com | Live Chat & Phone have to be scheduled.
Check out these Help Desk articles for answers to frequently asked questions.
Be sure to see one customer's story on how SyncApps helped them save 13 days per year of manually importing/exporting data!