NetSuite redirect directs to wrong NetSuite instance?
We have multiple instances of NetSuite configured as applications in Okta. I'm trying to set things up so that if a user clicks on a NetSuite link, if they don't have an active NetSuite session, they are directed to Okta to authenticate.
In NetSuite SAML setup, the setting for turning this on is "Primary Authentication Method".
Okta tries to log me in to our NetSuite DEV instance, which is incorrect: this URL is for production ("system.netsuite.com" instead of "system.sandbox.netsuite.com").
NetSuite account IDs are shared across sandbox and production (i.e. the first sandbox environment attached to an account has the same account ID as the prod environment) so that could be why this is happening, but the redirect should recognize that the originating URL is for production.
It sounds like you're looking to utilize deep-linking to send NetSuite URLs through email but you're being redirected to your DEV instance of NetSuite. Have you checked the "Instance Type" in the General tab of the app in question? The instance type redirects you between production and sandbox environments. If that doesn't take care of it for you, we'd be happy to open up a support incident and troubleshoot further.