Oracle NetSuite SuiteTalk

Connect Foundry to Oracle NetSuite using the SuiteTalk framework and start syncing data from your NetSuite ERP to Foundry.

Supported capabilities

Capability	Status
Exploration	🟢 Generally available
Batch syncs	🟢 Generally available
Incremental	🟢 Generally available

Setup

Open the Data Connection application and select + New Source in the upper right corner of the screen.
Select NetSuite SuiteTalk from the available connector types.
Choose to use a direct connection over the Internet or to connect through an agent runtime.
Follow the additional configuration prompts to continue the setup of your connector using the information in the sections below.

Learn more about setting up a connector in Foundry.

Authentication

The NetSuite SuiteTalk source uses token-based authentication (TBA) ↗.

The token-based authentication feature must be enabled on your account. To enable TBA, see the NetSuite documentation ↗.

Configure user roles and permissions in NetSuite

Access control in NetSuite is configured via the assignment of roles to a user; each role is a collection of permissions that define what tasks the user can perform and what data they can access. We recommend the following configuration for the user that will connect to Foundry:

Create a dedicated role with appropriate permissions.
1. From NetSuite’s tool bar, select Setup > Users/Roles > Manage Roles > New and provide an explicit name to the role. We recommend using foundry-role.
  - You can optionally tick the Web Services only configuration box.
2. Add system-wide permissions to the role by navigating to the bottom of the role page and selecting Permissions > Setup. The minimal required permissions you need to add are:
  - Log In using access tokens,
  - SOAP Web Services,
  - Other Custom Fields,
  - Custom Body Fields,
  - Custom Item Fields,
  - Remember to Save the permissions.
3. Add table permissions to the role for tables you want to be able to query from Foundry by navigating to the bottom of the role page and selecting Permissions > Lists. Select the tables you want, select Add then Save.
Assign the new role to a user.
1. From NetSuite’s tool bar, select Setup > Users/Roles > Manage Users. Select the user you want to use to connect to Foundry, and select Edit.
2. Navigate to the Access tab and make sure the Give Access checkbox is ticked.
3. In the Roles tab, select the newly created role (foundry-role) from the dropdown list, select Add and then Save.

To verify that you added the correct permissions, log in as the user you have assigned the new role to, and check that you can view all the data that you expect.

Configure integration and access tokens in NetSuite

Integration records are used in NetSuite to manage connections to external systems. We recommend the following configuration to connect to Foundry:

Create a new Integration record using TBA (see more details ↗).
1. From NetSuite’s tool bar, select Setup > Integration > Manage Integrations > New and provide an explicit name to the integration. We recommend foundry-integration.
2. Make sure the State is Enabled and that only Token-based Authentication is ticked. All other boxes should be unticked.
3. After you Save, make a note of the CLIENT ID and CLIENT SECRET. You will need them to configure Foundry.

CLIENT ID and CLIENT SECRET will only be displayed the first time you save the integration record. To get new values, you must reset the CLIENT ID and CLIENT SECRET, which invalidates the previous values.

Create and assign a TBA token.
1. From NetSuite’s tool bar, select Setup > User/Roles > Access Tokens > New.
  - If you can't manage tokens for other users, navigate to the bottom-left Settings panel on NetSuite's homepage and select Manage Access Tokens.
2. Select the newly created application (foundry-integration in our example), the user to which you've assigned the newly created role (foundry-role), and the newly created role.
  - If you can't manage tokens for other users, your user will be selected by default. Make sure your user has the newly created role (foundry-role) assigned to it.
3. After you Save, make a note of the TOKEN ID and TOKEN SECRET. You will need them to configure Foundry.

TOKEN ID and TOKEN SECRET will only be displayed the first time you save the token. You will need to create a new token to get a new TOKEN ID and TOKEN SECRET.

Learn more about token management in NetSuite. ↗

Networking

The NetSuite SuiteTalk connector requires network access to the NetSuite instance to which you want to connect.

Option 1: Direct connection

If you are connecting via a direct connection, you will need to add the following egress policies to the source:

<ACCOUNT_ID>.suitetalk.api.netsuite.com on port 443; you can find your account ID in the URL when connected to NetSuite.
webservices.netsuite.com on port 443.

If these egress policies do not exist, you can request them; otherwise you can add them.

Option 2: Agent connection

If you are connecting with an agent runtime, you must ensure that the agent host has firewalls open to the host names, IP addresses, and ports required to connect to your NetSuite Connect instance.

Connection details

Option	Required?	Description
`Account ID`	Yes	NetSuite Account ID, found as a prefix in your NetSuite's instance URL
`Client ID`	Yes	`CLIENT ID` copied when creating the `foundry-integration`
`Client secret`	Yes	`CLIENT SECRET` copied when creating the `foundry-integration`
`Access token`	Yes	`TOKEN ID` copied when creating the TBA token
`Access token secret`	Yes	`CLIENT ID` copied when creating the TBA token

Creating a sync

The NetSuite SuiteTalk source can be explored to discover tables and create new syncs. You can also manually create new syncs from the overview page of the source.