> ## Documentation Index
> Fetch the complete documentation index at: https://docs.maia.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# NetSuite SuiteAnalytics authentication guide

This is a step-by-step guide to acquiring NetSuite SuiteAnalytics credentials and authorizing the [NetSuite SuiteAnalytics](/docs/components/netsuite-suiteanalytics) component.

***

## Create an OAuth connection

1. You need to create an OAuth connection. Follow the instructions in [OAuth](/docs/guides/oauth) until you reach the **Authentication Type** field—at which point, you should return to this page.

2. Set the **Authentication Type** field to **OAuth 2.0 Client Credentials**.

3. Read the section [below](#acquire-netsuite-suiteanalytics-credentials) to acquire the following information you need to complete on this screen:

   * Client ID
   * Certificate ID
   * Private Key
   * Account ID
   * Role ID

4. Continue to follow the instructions in [OAuth](/docs/guides/oauth).

***

## Acquire NetSuite SuiteAnalytics credentials

You need to create an app integration in NetSuite.

1. Follow the Oracle documentation here: [Create Integration Records for Applications to Use OAuth 2.0](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771733782.html#Create-Integration-Records-for-Applications-to-Use-OAuth-2.0).

   * Select the checkboxes for **Client Credentials (Machine to Machine Grant)** and **SuiteAnalytics Connect**. Ensure that all other checkboxes in the configuration are cleared, even if checked by default.

2. Copy the **Client ID** and **Client Secret** displayed at the end of the previous step. You won't have another opportunity to copy the secret. You will need the **Client ID** when creating the OAuth.

3. Create a user role and add the required OAuth access to that role, following the Oracle documentation here: [Getting Started with OAuth 2.0](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_157771281570.html#Getting-Started-with-OAuth-2.0).

4. Add the following permissions to your user: `Log in Using OAuth 2.0 Access Tokens` and `OAuth 2.0 Authorized Applications Management`.

5. Generate and upload a certificate to NetSuite, following the Oracle documentation here: [Creating a Mapping for the Client Credentials Flow](https://docs.oracle.com/en/cloud/saas/netsuite/ns-online-help/section_162686838198.html#subsect_162686947286).

   * From the example certificate generation commands given in that document, use the `RSA - PSS` command. This will generate a certificate that expires after one month.

   * The method described above generates a certificate that expires after one month. To generate a certificate which lasts two years, use the following command instead:

     ```bash theme={null}
     openssl req -new -x509 -newkey rsa:4096 -keyout private2.pem -sigopt rsa_padding_mode:pss -sha256 -sigopt rsa_pss_saltlen:64 -out public2.pem -nodes -days 730
     ```

   * When you click **Save** in the certificate mapping dialog, note down the **Certificate ID** to use when creating the OAuth.

   <Note>
     Elliptic Curve Cryptography (ECC) certificates are not currently supported in the OAuth 2.0 Client Credentials authentication process for this component.
   </Note>

6. Use the private SSH key generated in the previous step as the **Private Key** when creating the OAuth.

7. On the home page of your NetSuite account, under the **Settings** module, click **Set Up SuiteAnalytics Connect**.

8. Use the following information, found under **Your Configuration** on this page, when creating the OAuth:

   * **Account ID**
   * **Role ID**
