NetSuite Changelog
BankingAPIBankingSecurityIntegrationRelease NotesNew Feature

API Secret Management for Banking Integration in NetSuite

Manage API secrets for banking integration in NetSuite to ensure secure encryption of sensitive banking information.

·3 min read·View Oracle Docs

TL;DR Opening

NetSuite's banking integration preferences utilize an API secret to encrypt sensitive banking information, ensuring that transaction data is kept secure. Proper management of this API secret is crucial for system integrity and confidentiality.

What is the API Secret for Banking Integration Preferences?

The API secret is a unique identifier used in NetSuite to securely encrypt sensitive information, such as account numbers, associated with banking integration preferences. This secret is account-wide, meaning that only one API secret is necessary for the entire account.

Guidelines for Creating an API Secret

When creating an API secret specifically for banking integration, adhere to the following guidelines:

  • Create a specific API secret: Refrain from reusing existing API secrets for this purpose.
  • Character Length: The secret should be exactly 32 characters long.
  • No Password Changes: Once you associate the API secret with the banking integration preferences, do not change it. Changing the password can lead to serious encryption and decryption issues, potentially resulting in data loss.
  • Static Association: Do not associate another API secret with a different password for the banking integration preferences after the initial setup.

Remember that once sensitive information has been encrypted with the API secret, you cannot swap it with a different secret or password without risking disruption.

Steps to Create an API Secret

  1. Navigate to Setup > Company > Preferences > API Secrets.
  2. Click Create New at the top of the page.
  3. In the Create New Secret window, input a descriptive name for the secret in the Name field, avoiding sensitive data as this will be visible to users.
  4. Enter a script ID in the ID field, ensuring it is descriptive and free of spaces and special characters.
  5. Input the secret into the Password field; you may also load it from a file. Multi-line secrets must be uploaded from a file.
  6. Confirm the password by re-entering it in the Confirm Password field.
  7. Optionally, check the Expiration Warning box to get UI notifications before the secret expires.
  8. Lastly, provide a description for the secret, ensuring it contains no sensitive information.

Associating API Secret with Banking Integration Preferences

Once the API secret is created, you must associate its ID with your banking integration preferences to enable encryption:

  1. Go to Setup > Brazil Banking Integration > Banking Preferences > New.
  2. In the API Secret for Encryption field, enter the ID of the API secret.
  3. Select Brazil Data for Banking in the Banking Data Retrieval Plug-in Implementation field.
  4. Finally, click Save to complete the setup.

Key Considerations

  • Visibility of Sensitive Data: Avoid including sensitive information in any fields visible to other users.
  • Storing Secrets: API secrets can be managed at Setup > Company > Preferences > API Secrets, allowing for secure reference in third-party integrations, preventing plaintext exposure of secrets.

Key Takeaways

  • Only one API secret is needed for banking integration preferences.
  • The password for the API secret must remain unchanged once set.
  • Proper secret management is essential to prevent data loss.

Source: This article is based on Oracle's official NetSuite documentation.

Frequently Asked Questions (4)

Does the API secret for banking integration apply to NetSuite's standard edition or a specific one?
The article does not specify if the API secret management is limited to a particular NetSuite edition, suggesting it applies to standard NetSuite functionalities involving banking integration.
What are the consequences of changing the API secret password after it has been set up?
Changing the API secret password after setting up banking integration can lead to serious encryption and decryption issues and may result in data loss.
Can an existing API secret be reused for setting up banking integration preferences?
No, you should not reuse existing API secrets for banking integration preferences. A specific API secret must be created for this purpose.
How can you ensure API secrets remain secure in NetSuite?
API secrets should be managed under _Setup > Company > Preferences > API Secrets_ to prevent plaintext exposure of secrets in any third-party integration, and sensitive data should not be included in any fields visible to other users.
Source: API Secret for the Banking Integration Preferences Oracle NetSuite Help Center. This article was generated from official Oracle documentation and enriched with additional context and best practices.

Was this article helpful?

More in Banking

View all Banking articles →