NetSuite Changelog
SecuritySuiteScriptAdministration

SuiteScript Roles and Permissions Management in NetSuite

Manage SuiteScript roles and permissions in NetSuite to control access for users, ensuring security and functionality.

·3 min read·1 views·View Oracle Docs

TL;DR

Managing roles and permissions for SuiteScript in NetSuite allows you to control user access, ensuring that users can only perform actions appropriate to their roles. This is essential for maintaining security while enabling functionality.

Understanding SuiteScript Roles and Permissions

NetSuite provides a robust structure for managing user access through standard roles with predefined permissions. These roles apply to customers, vendors, partners, and employees, granting them access to specific areas of your data. Each role defines a different access level, where the Administrator role offers complete access to all SuiteScript functionalities.

To ensure that users can interact with SuiteScript appropriately, you need to configure their roles correctly. This involves adding SuiteScript permissions to the necessary roles to match users' responsibilities.

Adding SuiteScript Permissions

To enhance a role with SuiteScript permissions, follow these steps:

  1. Navigate to Setup > Users/Roles > Manage Roles.
  2. Click Edit next to the role you want to modify.
  3. On the Permissions subtab, select Setup and add the required SuiteScript permissions.

Note: If you customize a role to add SuiteScript permissions, it is crucial to also include permissions for customizing entry and transaction forms.

Types of SuiteScript Permissions

The following table outlines the actions associated with SuiteScript permissions:

ActionPermission Required
View script records and script deployment records.Role with SuiteScript permission (View level)
Create and view script records and script deployment records, and access the SuiteScript library.Role with SuiteScript permission (Create level)
Create, view, and edit script records and script deployment records.Role with SuiteScript permission (Edit level)
Use Save and Execute from the script deployment record UI to run an on-demand scheduled script.Role with SuiteScript permission (Full level)
Debug a SuiteScript 1.0, SuiteScript 2.0, or SuiteScript 2.x script.Role with SuiteScript permission (Full level)
Use an API (e.g., ScheduledScriptTask.submit()) to run an on-demand scheduled or map/reduce script.Role with SuiteScript Scheduling permission (Full level)
Process a script using SuiteScript APIs (like nlobjContext.getPercentageComplete()).Role with SuiteScript Scheduling permission (Full level)

Important Considerations

When customizing roles, keep in mind that roles with the SuiteScript Scheduling permission are required to run scheduled scripts, particularly those executed via API calls. If a user event script attempts to call ScheduledScriptTask.submit(), it must be initiated by a role with appropriate permissions.

Conclusion

Properly managing SuiteScript roles and permissions is critical for safeguarding your NetSuite environment while ensuring users have the access they need to perform their tasks.

Who This Affects

  • Administrators: Responsible for setting up roles and permissions.
  • Developers: Need appropriate permissions to create and debug scripts.
  • End Users: Require access to specific script functionalities based on their roles.

Key Takeaways

  • Use specific roles to control user access to SuiteScript functionalities.
  • Ensure administrators understand the types of SuiteScript permissions available.
  • Custom roles must include permissions for both scripts and form customizations to function correctly.

Frequently Asked Questions (4)

What steps are involved in adding SuiteScript permissions to a role in NetSuite?
To add SuiteScript permissions to a role, navigate to Setup > Users/Roles > Manage Roles and click Edit next to the desired role. On the Permissions subtab, select Setup and add the necessary SuiteScript permissions.
Does a user role need special permissions to execute an on-demand scheduled script in NetSuite?
Yes, a role must have SuiteScript permission at the Full level to use 'Save and Execute' from the script deployment record UI and to run an on-demand scheduled script.
What permissions are required for a user to debug SuiteScript scripts in NetSuite?
A user needs a role with SuiteScript permission at the Full level to debug SuiteScript 1.0, SuiteScript 2.0, or SuiteScript 2.x scripts.
Are there any additional permissions needed when customizing a role for SuiteScript access?
Yes, when customizing a role to include SuiteScript permissions, it is important to also include permissions for customizing entry and transaction forms.
Source: Setting Roles and Permissions for SuiteScript Oracle NetSuite Help Center. This article was generated from official Oracle documentation and enriched with additional context and best practices.

Was this article helpful?

More in Security

View all Security articles →