X-posting from #CKMKB8QQP, since it sounds like SDF might be the answer to my problems. Thoughts on how to set up permissioning for an external application that reads from customers’ NS via REST? https://netsuiteprofessionals.slack.com/archives/CKMKB8QQP/p1698363914631529

if you can setup the role once in a NetSuite account you can export the role definition as XML via SDF which you can then install in any other account using SDF but you will need a role with SDF access in the account to set it up

Thanks @Anthony OConnor! Asking a user to set up a role that gives us SDF access seems like an easier ask than a role with N different scopes. That’s an interesting idea. Any pointers to docs about the XML bit?

XML is just the format used by SDF for configuration, there's literally a button in the UI to export as XML so once you have the role setup as needed just click the button

Yeah, I think it’s just naming - I mean the N different permissions that a role would need to be assigned.

its pretty standard for NS customers to setup an "Integration User" type role though, its unlikely most of the your customers are setting up their very first NS integration with a 3rd party

Right, so we’d want to ensure that role/user has the specific set of permissions we require (ie, it’s possible they could be missing

Manage Accounting Periods

for example)

right, depending what you're needing maybe there's some pretty non-standard stuff in there

exactly, so given a user/role we’d want to ensure we can configure it for our customers without their NS admin having to do it manually

yeah seems like SDF would be able to do that for you no problem, have the admin give you dev team admin for 30 mins, do the SDF deployment of the role... and you're done 🙂

yeah, asking for tokens is easier, but setting up the ~100 permissions is harder. We’re trying to keep the list of permissions as narrow as possible.

sorry its not a button, its the actions drop down.