Skip to content

NetSuite Token

Service Name: NetSuite

Service Description: NetSuite is a cloud-based business management suite offering ERP, CRM, and e-commerce functionality. It provides integrated applications for financial management, order processing, inventory management, production, supply chain, and warehouse operations.

Service Address: https://www.netsuite.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through NetSuite's IP address restrictions feature.

Secret Access Scope: Grants programmatic access to NetSuite resources and data through RESTlets, SuiteTalk (SOAP web services), or SuiteScript APIs.

Secret Revokement URL: https://system.netsuite.com/app/setup/accesstokens.nl

Secret Example: e82c01b6a9127bfe2d3c92e3c8041fd7ae9f691e8e20d1dad5a5e7c8f40e7f5a

Suspicious Activity Investigation Instructions:

  • Review NetSuite system logs for unusual API calls or data access patterns
  • Check login history for suspicious IP addresses or times
  • Monitor for unusual data exports or mass record modifications
  • Review integration logs for unexpected API usage patterns
  • Check for unauthorized role changes or permission escalations

Mitigation Instructions:

  • Log in to your NetSuite account as an administrator
  • Navigate to Setup > Integration > Access Tokens

  • Locate the compromised token in the list

  • Click "Revoke" next to the token to immediately invalidate it
  • Create a new token with appropriate permissions if needed
  • Review and update integration permissions to follow the Principle of Least Privilege.
  • Consider implementing IP restrictions for API access if not already in place
  • Update any applications or services using the revoked token with the new token