NetSuite Changelog
CommerceeCommerceSuiteCommerceIntegrationNew FeatureRelease Notes

Single Sign-On Integration for NetSuite Web Stores

Implement inbound single sign-on integration for NetSuite web stores using SAML or OpenID Connect for seamless access.

·2 min read·2 views·View Oracle Docs

Inbound single sign-on (SSO) allows your web store users to log in to an external application and seamlessly access your NetSuite web store without needing to log in again. Meanwhile, outbound SSO provides an option for users to access other applications directly from your web store interface.

How Does Inbound SSO Work?

You can implement inbound SSO using one of two methods:

  • SAML SSO: This method utilizes an authentication process managed by a third-party identity provider (IdP). Users authenticated via the IdP can access your NetSuite web store directly. Explore more about SAML SSO.
  • OpenID Connect (OIDC): This alternative to SAML SSO also relies on third-party authentication, enabling users to log into your web store using OIDC links. Learn more about OIDC access.

Changes for Outbound SSO

As of the 2025.1 release, NetSuite no longer supports outbound Single Sign-On via SuiteSignOn. To enable outbound SSO, you should utilize the NetSuite as OIDC Provider feature, which can facilitate external application access directly from your web store. More information is available here.

Who This Affects

  • Web Store Administrators: Set up and manage SSO for external applications.
  • Developers: Implement authentication interfaces for seamless user experiences.
  • E-commerce Managers: Ensure user access integrates efficiently with external systems.

Key Takeaways

  • Inbound SSO allows users to access NetSuite web stores without multiple logins.
  • You can implement inbound SSO using either SAML or OpenID Connect.
  • Outbound SSO via SuiteSignOn is deprecated as of 2025.1; use OIDC instead.
  • Prepare your website correctly to utilize SSO features effectively.

Frequently Asked Questions (4)

Do I need to use custom domains for Single Sign-on integration in NetSuite web stores?
Yes, whether you choose SAML or OpenID Connect (OIDC) for SSO integration, your NetSuite web store must be set up on custom domains as SSO is not supported on netsuite.com domains.
Can I enable both SAML and OpenID Connect simultaneously for my NetSuite web store?
No, you cannot enable both SAML and OpenID Connect at the same time for a single NetSuite web store. You must choose one method per site.
What changes should I be aware of due to the discontinuation of the SuiteSignOn feature in the 2025.1 release?
With the removal of SuiteSignOn, the outbound SSO method is no longer supported. Instead, users should implement the NetSuite as OIDC Provider feature for outbound access to external applications.
What are the prerequisites for setting up OpenID Connect (OIDC) for my NetSuite web store?
To set up OIDC, your site must use custom domains, and the entire site should be password-protected. Additionally, ensure all users log in using the same credential type, either through the website form or the OP login form.
Source: Single Sign-on Integration with External Websites Oracle NetSuite Help Center. This article was generated from official Oracle documentation and enriched with additional context and best practices.

Was this article helpful?

More in Commerce

View all Commerce articles →