OpenID Connect (OIDC) Access Configuration for NetSuite

OpenID Connect (OIDC) enables secure access to web stores in NetSuite, enhancing user control and security management.


TL;DR

OpenID Connect (OIDC) provides an alternative to SAML Single Sign-on for secure access to NetSuite Commerce web stores. Users benefit from increased control over security administration since an OpenID Connect provider (OP) manages credentials. This guide explains how to set up OIDC for your web store and outlines necessary considerations.

What is OpenID Connect (OIDC)?

OpenID Connect is an identity layer built on top of the OAuth 2.0 protocol. It lets users authenticate through a third-party identity provider instead of with credentials held by the application itself. The provider passes identity claims to the application in JSON Web Tokens (JWTs).

Setting Up OIDC for Your Web Store

To successfully implement OIDC for a Commerce web store, follow these steps:

  1. Check Requirements: Ensure your website uses a custom domain and is fully protected. This involves enabling advanced site customization and password protection for the entire site.
  2. OIDC Configuration: Access the Set Up Web Site page, navigate to the SSO tab, and configure the OIDC Provider using the subtab provided.
  3. Enter Credentials: You'll need the Client ID and Client Secret from your chosen OP, which must be entered into the configuration fields.
  4. Choose Configuration Method: Either set the configuration from a URL supplied by your OP or enter the details manually. After completing the setup, click Save.
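
Before relying on a configuration URL supplied by the OP (step 4), the metadata it serves can be checked offline. This is an added example, not NetSuite or Oracle code; it assumes the URL is a standard OpenID Connect Discovery document, and `op.example`, `check_discovery` and both sample documents are constructed for illustration.

```python
from urllib.parse import urlsplit

# Fields OpenID Connect Discovery 1.0 requires in provider metadata
# (token_endpoint is also required unless only the implicit flow is used).
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")
WELL_KNOWN = "/.well-known/openid-configuration"

def check_discovery(config_url, doc):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = [f"missing field: {k}" for k in REQUIRED if k not in doc]
    issuer = str(doc.get("issuer", ""))
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.netloc or parts.query or parts.fragment:
        findings.append("issuer is not a plain https URL")
    # The issuer inside the document must be the one the URL was built from;
    # a mismatch means the metadata may describe a different provider.
    if config_url != issuer.rstrip("/") + WELL_KNOWN:
        findings.append("issuer does not match the configuration URL")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        if key in doc and urlsplit(str(doc[key])).scheme != "https":
            findings.append(f"{key} is not https")
    algs = doc.get("id_token_signing_alg_values_supported", [])
    if "none" in algs:
        findings.append("OP advertises unsigned ID tokens (alg none)")
    if algs and "RS256" not in algs:
        findings.append("RS256 not offered for ID token signing")
    return findings

# Constructed sample metadata; op.example is a placeholder provider.
GOOD_URL = "https://op.example/.well-known/openid-configuration"
GOOD = {
    "issuer": "https://op.example",
    "authorization_endpoint": "https://op.example/authorize",
    "token_endpoint": "https://op.example/token",
    "jwks_uri": "https://op.example/jwks",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}
# Same document with a foreign issuer, a cleartext key URL and weak algorithms.
BAD = dict(GOOD, issuer="https://other.example", jwks_uri="http://op.example/jwks",
           id_token_signing_alg_values_supported=["none", "HS256"])

if __name__ == "__main__":
    for name, doc in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_discovery(GOOD_URL, doc) or "no findings")
```

Any finding is a reason to confirm the URL with the OP before saving it, or to enter the details manually instead.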

Important Considerations

Before finalizing your OIDC setup, keep the following restrictions in mind:

  • OIDC is only supported on custom domains, such as www.yourdomain.com, and not on netsuite.com.
  • You cannot use both SAML and OIDC for the same website; you must select one.
  • All users must log in using the same method.
  • Ensure all necessary permissions are granted to the roles managing OIDC logins.

Preparing Your NetSuite Account

Before configuring OIDC, the feature must be enabled in your NetSuite account:

  1. Navigate to Setup > Company > Enable Features.
  2. Under the SuiteCloud tab, locate the Manage Authentication section.
  3. Check the OpenID Connect (OIDC) Single Sign-on box and save your changes.

Who This Affects

  • Administrators: Responsible for configuring OIDC settings on the website.
  • Webmasters: Need to ensure the web store is appropriately protected and configured.
  • Users: Anyone accessing the web store needs to understand the OIDC login process.

Key Takeaways

  • OpenID Connect provides a user-friendly way to manage online security for your NetSuite web store.
  • Configuring OIDC requires careful attention to security details and user access.
  • Only one single sign-on method can be used per web store: either OIDC or SAML.

Source: This article is based on Oracle's official NetSuite documentation.

Frequently Asked Questions (4)

Does OpenID Connect (OIDC) work with standard NetSuite domains?
OIDC is only supported on custom domains, such as www.yourdomain.com, and not on netsuite.com.

What feature must be enabled in NetSuite before configuring OIDC?
The OpenID Connect (OIDC) Single Sign-on feature must be enabled under the SuiteCloud tab in the Manage Authentication section.

Can I use both SAML and OIDC for the same NetSuite web store?
No, you cannot use both SAML and OIDC for the same website; you must select one for your web store.

What roles require special consideration for OIDC setup?
The roles managing OIDC logins must be granted all necessary permissions.

Source: OpenID Connect (OIDC) Access to Web Store, Oracle NetSuite Help Center. This article was generated from official Oracle documentation and enriched with additional context and best practices.
