A NetSuite user asks if SSO would still work if their password is already expired.
The answer is yes, it would still work. It will bypass the password expiration stage and the customer will still be able to login. This is applicable both in the UI and the Web Service.
Some of NetSuite accounts have one Employee which has an Administrator role. They use the login credentials of this employee record for their web service applications as the default user. If its password expires, then the web service will stop working and they need to reset the password on the UI and also on the web service application. However, since the SuiteTalk Version 2015.2, Token-Based Authentication for web services are made available. This de-couples web services authentication from password expiration.
Currently, there is no feature in Netsuite that would make one user/employee record exempted from the password expiration feature. One other workaround that can be implemented is to use SSO and the ssoLogin operation in web service.
If the SSO/SAML role is enabled for users and working fine, will the end users still receive e-mails notifying them that the local password is expiring/has expired? Even though it shouldn't matter since their primary way of logging in is through SSO/SAML? If so, is there a way to disable the notification e-mail?
ReplyDeleteYour role must have option Single Sign In Only to avoid notification emails. Otherwise, they will still send
ReplyDelete