Skip to content

NetSuite Token Secret

Service Name: NetSuite

Service Description: NetSuite is a cloud-based business management suite that offers ERP, CRM, financial management, and e-commerce capabilities to help organizations manage their business operations.

Service Address: https://www.netsuite.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through NetSuite's IP address authentication feature.

Secret Access Scope: Grants programmatic access to NetSuite resources and data through RESTlets, SuiteTalk (SOAP web services), or SuiteScript APIs.

Secret Revokement URL: https://system.netsuite.com/app/setup/integservices.nl

Secret Example: e9b7d8c6a5f4e3d2b1a0c9b8a7f6e5d4c3b2a1f0e9d8c7b6a5f4e3d2b1a0

Suspicious Activity Investigation Instructions:

  • Review NetSuite login history and audit logs for unusual access patterns.
  • Check for unauthorized API calls or data exports.
  • Monitor for changes to user permissions or role assignments.
  • Examine integration logs for unexpected connections or data transfers.
  • Review any scheduled scripts or workflows that may have been modified.

Mitigation Instructions:

  • Log in to your NetSuite account as an administrator.
  • Navigate to Setup > Integration > Manage Integrations.
  • Locate the token in question and click "Revoke" or "Delete".

  • Create a new token with appropriate permissions if needed.

  • Update any legitimate applications using the old token.
  • Review and adjust role-based permissions for API access.
  • Consider implementing IP restrictions for API access if not already in place.
  • Enable two-factor authentication for all administrator accounts.