Hi all, I am looking to setup Okta for NetSuite for SAML access (NetSuite Applications Suite - SAML Single Sign-on https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/chapter_N3825119.html#Single-Sign-on). I have used it before, but not configured it. In that instance, access was given in a group via Okta that would redirect the user to NetSuite, but in order for it to work, you had to go to NetSuite first and manually click on give access and assign a role to the user. I would like to automated that step, but I am not sure if it is possible based on this note in their guide: NetSuite Provisioning - https://saml-doc.okta.com/Provisioning_Docs/NetSuite_Provisioning.html Limitations: “Assigning roles to an employee with no assigned roles:Set giveAccess to true and assigning roles to users who have no access and no roles is available but SWA authentication will be broken as Okta has to reset the employee password according to NetSuite limitations.” Another page that they have for NetSuite - Setup SSO - https://saml-doc.okta.com/SAML_Docs/How-to-Configure-SAML-2.0-for-Netsuite.html What does this exactly means - “SWA authentication will be broken” ? Did anybody managed to automated the giveAccess True, give a role and that this user would then simply log via Okta?

Secure Web Authentication (SWA) is an Okta technology that provides Single Sign-On (SSO) functionality to external web applications that don't support federated protocols. These include Security Assertion Markup Language (SAML), Web Services Federation (WS-Fed), or OpenID Connect (OIDC).

Meaning that, theoretically, I should have no issue to configure it via SAML to automated the giveAccess True, give a role and that this user would then simply log via Okta? I am not sure if I am understanding the documentation + your comment correctly.

my comment is straight from Okta's help guide https://support.okta.com/help/s/article/What-is-Secure-Web-Authentication-SWA?language=en_US