Reference
API Secrets Management
Complete guide for creating, managing, and maintaining API Secret records in NetSuite for Licentra integration.
What Are API Secrets?
API Secrets are NetSuite's secure storage mechanism for sensitive credentials. For Licentra integration, they store your License Secret - the confidential authentication token that enables secure communication between NetSuite and the Licentra platform.
API Secret Overview
Purpose
- Secure storage of License Secret credentials
- Script access for Licentra bundle functionality
- Authentication between NetSuite and Licentra servers
- Credential management for ongoing operations
Security Features
- Encrypted storage within NetSuite
- Access control through script permissions
- Audit logging of access attempts
- Secure transmission via HTTPS
Creating Your First API Secret
Step 1: Access API Secrets
- Navigate to:
Setup > Company > API Secrets - Click "Create New" to create a new API Secret record
Step 2: Configure Secret Details
| Field | Value | Description |
|---|---|---|
| Name | Licentra Integration Secret | Descriptive name for identification |
| ID | licentra_api_secret | Internal identifier (used in Config record) |
| Password | Your License Secret | The actual credential from Licentra portal |
| Description | API Secret for Licentra License Manager Integration | Optional context information |
| Restrictions | ✅ Check "Allow for all Scripts" | Required for Licentra functionality |
Step 3: Save and Document
- Click "Save" to create the secret
- Note the ID you assigned (you'll need it for configuration)
- Store the ID securely for future reference
Managing Multiple Secrets
Environment-Specific Secrets
For organizations with multiple environments:
Code
Naming Conventions
Recommended naming pattern:
Examples:
licentra_prod_secret- Production environmentlicentra_dev_secret- Development environmentlicentra_sandbox_secret- Sandbox environmentlicentra_test_secret- Testing environment
Updating API Secrets
When to Update
- License Secret rotation - Security best practice
- Environment changes - Switching between environments
- Credential expiration - When secrets expire
- Security incidents - Compromised credentials
Update Process
- Create new API Secret with updated credentials
- Update Licentra Config record to reference new secret ID
- Test configuration using License Viewer
- Delete old secret (optional, for cleanup)
Zero-Downtime Updates
For production environments:
- Create new secret alongside existing one
- Update configuration to use new secret
- Verify functionality with new secret
- Remove old secret after confirmation
Security Best Practices
Secret Management
- Unique secrets per environment - Never reuse across environments
- Regular rotation - Update secrets periodically
- Secure storage - Never share secrets outside NetSuite
- Access logging - Monitor who accesses secrets
Naming and Documentation
- Descriptive names - Make secrets easy to identify
- Environment tags - Include environment in name
- Documentation - Record purpose and creation date
- Contact information - Note who to contact for issues
Access Control
- Minimal access - Only grant access to necessary users
- Role-based permissions - Use NetSuite roles for access control
- Regular audits - Review access permissions periodically
- Emergency procedures - Plan for credential compromise
Troubleshooting API Secrets
Common Issues
| Issue | Symptoms | Solution |
|---|---|---|
| Secret not found | Configuration error | Verify secret ID exists |
| Access denied | Permission error | Check "Allow for all Scripts" |
| Invalid credentials | Authentication failure | Verify License Secret value |
| Expired secret | Connection timeout | Update with new credentials |
Diagnostic Steps
- Verify secret exists in API Secrets list
- Check secret ID matches configuration
- Confirm "Allow for all Scripts" is checked
- Validate License Secret value is correct
- Test connection using License Viewer
Error Messages
"Secret not found"
- Check secret ID spelling
- Verify secret exists in API Secrets
- Confirm secret hasn't been deleted
"Access denied"
- Check "Allow for all Scripts" setting
- Verify user has API Secrets access
- Confirm NetSuite permissions
"Invalid credentials"
- Verify License Secret is copied correctly
- Check for extra spaces or characters
- Confirm secret is for correct environment
Secret Lifecycle Management
Creation Phase
- Plan naming convention for your organization
- Gather credentials from Licentra portal
- Create secret with proper configuration
- Document details for future reference
- Test configuration immediately
Maintenance Phase
- Monitor usage and access patterns
- Regular security reviews of access permissions
- Update documentation as needed
- Plan rotation schedule for credentials
Retirement Phase
- Create replacement secret before removing old one
- Update configurations to use new secret
- Verify functionality with new secret
- Remove old secret after confirmation
- Update documentation to reflect changes
Advanced Configuration
Multiple Configurations
For complex environments with multiple NetSuite instances:
Secret Versioning
Track secret versions for audit purposes:
Getting Help
When to Contact Support
- Secret creation issues - Technical problems with NetSuite
- Credential problems - Issues with Licentra credentials
- Access permission errors - NetSuite permission issues
- Configuration problems - Integration setup issues
Information to Provide
When contacting support, provide:
- Secret ID (without the actual secret value)
- Error messages from License Viewer
- NetSuite environment (production, sandbox, etc.)
- Steps taken to resolve the issue
- Screenshots of error messages (if applicable)
Contact Information
- NetSuite Support: For NetSuite-specific issues
- Licentra Administrator: For credential and access issues
- BringIT Support: For integration and technical issues
Related Documentation
- Configuration Fields - Complete field reference
- Environment URLs - Server endpoint information
- Common Issues - Troubleshooting guide
Last modified on