Hello, While working on a new custom record type, I discovered something new—perhaps something I had overlooked before. External roles access? Unauthenticated users access?

That's new, we just got alerted of the change in our account on Saturday.

.. and what is impact? External role??

Here's the email text: You are receiving this notice because Customization is enabled in your account and you use custom record types with the "No Permission Required" Access Type. What is Changing? Currently, authorized users can set the access type of a Custom Record Type to "No Permission Required". This setup makes the Custom Record Type public, granting full access to its entries to any user, including external users and unauthenticated users over the Internet and is documented in Setting Permissions for a Custom Record Type help topic, SuiteAnswers ID 10148. In order to provide more control over who may access your custom record entries, NetSuite has introduced a more precise setup to users with the required permissions. The access type option of No Permission Required has changed to No Permission Required for Internal Roles. When this option is selected, two additional more granular dropdown list fields will appear from which you can select additional access levels to permit with no permission required: • External Roles Access • Unauthenticated Users Access Based on the historical access to the entries of each such custom record type, NetSuite has revised your access designations and selected either No Permission Required for Internal Roles only, or combined with a specific level of access for External Roles and Unauthenticated Users. In some cases, this change may result in some users having insufficient access to these custom record types and their entries. Required Action Please review all of your custom records that you previously designated as No Permission Required, which will now show as No Permission Required for Internal Roles, to determine if the access setting is appropriate. If either of the options to expand access are checked, be sure that you want to allow external users access to this record and update the access type accordingly. For more information, see the Setting Permissions for a Custom Record Type help topic, SuiteAnswers ID 10148. 1. *To quickly identify the relevant Custom Record Types to review:*Create a SuiteAnalytics dataset of Custom Record Definition record type. 2. Go to Analytics menu > Datasets tab. 3. Click New Dataset button, and using the search box filter the record types to Custom Record Definition. 4. In the resulting List, select Custom Record Definition. 5. Finally, configure the new dataset to display only custom record types with No Permission Required for Internal Roles as the access record type. 6. 7. For more information, see the Custom Workbooks and Datasets help topic, SuiteAnswers ID 82336. 8. *To review and update the access type of your custom records:*Go to Customizations > Lists, Records, & Fields > Record Types. 9. For each unlocked Record Type (no lock icon), review the Access Type setting and consider changing it to either Require Custom Record Entries Permission or Use Permission List. ◦ If you select Require Custom Record Entries Permission, on each Role page, go to the Lists subtab of the Permissions subtab and set the appropriate access level. ◦ If you select Use Permission List, go to the Permissions subtab and define which roles should have permission to access this custom record type. ◦ If you agree with and want to keep the updated settings, no additional changes are needed. If you choose to use No Permission Required for Internal Roles, External Roles Access, or Unauthenticated Users Access, we strongly recommend you provide additional restrictions through the use of scripts and/or workflows to tightly control access to your record instances consistent with your business needs.

Thanks a lot!

I took it to mean whatever roles you have defined for external users, but that was just my interpretation.

I've got an integration with Boomi that stopped working over the weekend. I'm trying to figure out if this is the cause, if only because of the timing. Has anyone gotten clarity on what is meant by "External Roles"? My integration uses an access token based on a user and role I created in NetSuite. Would that qualify as "External Role"? I can't really understand why. I don't see any way to designate a role as "external" either.

What are you saying with "stopped working"? Errors?

The Boomi process ran successfully a few times last week. Since Friday, though, the API call that pulls in orders to process has stopped returning results. I can confirm that there are eligible orders to pull in, and I re-verified that all my user/role permissions are ok. But when I run the process it doesn't find any orders -- no errors or any indication something is wrong in Boomi. I could very well be an issue with Boomi, but given the process worked on Friday and this NetSuite change happened over the weekend, it's a suspect I need to rule out. But the language in that message from NetSuite is unclear.

The worst scenario is if the new access permissions leads to empty search/query results instead of "You don't have permission to access custom record .."

Agreed. I have no way of tracking this down. I also don't know what an "external role" is -- that's my big question. Waiting to hear back from NS support. I'll post here if I get useful info.