
Can we refine the permissions needed for the NetSuite integration?

  • September 23, 2024
  • 3 replies
  • 65 views

I was trying to install the RingCentral for NetSuite info, but I have a question: the permissions require the users to have the ‘Employee’ and ‘Employee Record’ Permission set to full. However, the issue with that is now the employee has full access to seeing every other employee's compensation, personal info, etc. Is there a workaround to this?

3 replies

ByrneReese
Community Manager
  • Product Manager
  • 234 replies
  • September 23, 2024

That is really good feedback - full permission probably is not required. At least not for employees. However, I need to speak with the engineers about the best way to address your concerns. Here is what I understand the problem to be:

  • Users will need the ability to read contacts and create contacts
  • Users will need the ability to read customers and create customers

Employees are used and accessed for different purposes. There is no need to create employees that I am aware of, but there is a need to read employees. However, if we grant read permission to employees, then that may reveal a lot more personal information than is warranted, recommended or necessary. Let me see what the use case for reading employees is and report back.

@sushilmall Do you know why we need read-access to employees? And do you know if we need write-access to employees?


sushilmall
Community Manager
  • Community Manager
  • 15 replies
  • September 24, 2024

@ByrneReese We do not require write-access permissions; however, read-access is necessary as we need to fetch employee records to display the name of the individual connected to NetSuite on the UI.

So the minimum required permissions for employee are as follows.

Employee Record View
Employees View

ByrneReese
Community Manager
  • Product Manager
  • 234 replies
  • September 24, 2024

@Jordan Fitch I wanted to let you know that we are researching ways we could remove this requirement. There is no REST API we can call to fetch the current user’s info that doesn’t also require us to grant access to all employees. But we think we found a way to do it through a NetSuite “RESTlet.” The technical details don’t matter to be honest - but we may have a way. Generally though I want you to know that I agree with your assessment - granting full access to employees seems like a potential data privacy issue that we should resolve somehow.

