Engagement Brief · Confidential

NetSuite AI Integration
Architecture & Governance Path Forward

A summary of the recommended approach for connecting Claude (and other AI assistants) to NetSuite, Smartsheet, and SharePoint with proper permissions, role design, and human-in-the-loop controls.

Prepared For
Projex — Jacob Swearingen, Matt Magrann
Prepared By
Ed Burke, FTE Consult
Discussion Date
Thursday · Mountain Time
The Situation

Where Projex is today, and what we'd solve

Projex has connected Claude Teams to NetSuite and is using AI across NetSuite, Smartsheet, and SharePoint. The core challenge isn't whether AI works — it's how to scope what AI can see and do, given that not every team member uses NetSuite, and operational roles often have write access that shouldn't extend to AI by default.

The Real Question

How do we let AI accelerate reporting and analysis across the team — without inheriting transactional permissions, exposing sensitive data, or building infrastructure that NetSuite's native roadmap will obsolete in 12 months?

Recommended Architecture

A hybrid model — native MCP for NetSuite users, SharePoint pulls for everyone else

Oracle now offers an official NetSuite AI Connector Service (the MCP Standard Tools SuiteApp) that connects Claude directly to NetSuite via the Model Context Protocol. This is the right primary path for users with NetSuite access. For team members who don't use NetSuite, scheduled saved-search exports to SharePoint give them AI-assisted reporting without granting them ERP access.

Path B · For Non-NetSuite Users

Saved Search → SharePoint → Claude

For: Ops, PMs, Field, Exec staff

Scheduled NetSuite saved searches export to role-specific SharePoint folders. Claude reads from SharePoint. Permissions enforced at folder level. Zero NetSuite license required for AI users.

Trade-off: Data is as fresh as the export schedule. Best for reporting, dashboards, and analysis — not real-time queries.

How It Flows

The reporting path for non-NetSuite team members

01 · Source

NetSuite Saved Searches

Define exactly which fields, filters, and records each role can see. The saved search is the contract.

02 · Export

Scheduled to SharePoint

Daily, hourly, or on-demand exports to role-organized folders. Auditable, repeatable, traceable.

03 · Access

Claude Reads SharePoint

Claude only sees what the SharePoint folder permissions allow. No direct NetSuite access required.

04 · Analysis

Team Gets Answers

Read-only by design. Humans review and act on AI-surfaced insights inside their normal workflow.

The Critical Design Choice

Build dedicated AI-purpose roles — don't reuse operational ones

The NetSuite MCP connector binds to one role at a time per user. Whatever permissions that role has, Claude inherits. This is the safety boundary — and it's why role design matters more than any other technical decision.

If a user has an "AP Clerk" role with write access to bills and journals, and they connect Claude using that role, Claude can also write bills and journals. The right pattern is to create separate, read-only AI roles scoped to functional areas:

AP_AI
Read access to vendor bills, payments, AP aging. No create/edit on transactional records.
AR_AI
Read access to invoices, customers, AR aging, collections data. Reporting only.
Inventory_AI
Read access to items, on-hand quantities, valuation, location data. No adjustments.

Note: Oracle blocks the Administrator role from MCP entirely. Custom roles with the "MCP Server Connection" and "OAuth 2.0 Access Tokens" permissions are required.
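One way to make the rule above testable is to lint a role's permission levels before it is ever bound to the MCP connector, which also covers layer 01 of the governance model (role defines capability). This is an added example, not Oracle's, Anthropic's or Projex's code; the export format, the permission names and the check logic are assumptions modelled on NetSuite's View/Create/Edit/Full permission levels, and the input is a constructed sample.

```python
"""Governance lint for dedicated NetSuite AI roles (added example).

Input is a constructed permission export: one dict per role mapping a
permission name to its level, the same pairs an administrator would review
on the role record. Permission names and the export shape are assumptions.
"""

# Permissions the brief says any MCP-connected custom role must carry.
REQUIRED_MCP_PERMISSIONS = {"MCP Server Connection", "OAuth 2.0 Access Tokens"}
# Transactional permissions an AI role may hold only at view level (assumed names).
TRANSACTIONAL = {"Bills", "Journal Entries", "Invoices", "Customer Payments",
                 "Adjust Inventory"}
READ_ONLY_LEVELS = {"View", "None"}


def check_ai_role(name, permissions):
    """Return a list of findings; an empty list means the role is safe to bind."""
    findings = []
    if name == "Administrator":
        # Oracle blocks Administrator from MCP outright; nothing else to check.
        findings.append("Administrator is blocked from MCP; use a custom role")
        return findings
    missing = REQUIRED_MCP_PERMISSIONS - permissions.keys()
    if missing:
        findings.append(f"missing MCP permissions: {sorted(missing)}")
    for perm, level in sorted(permissions.items()):
        if perm in TRANSACTIONAL and level not in READ_ONLY_LEVELS:
            findings.append(f"{perm} is {level}; AI roles must be View or None")
    return findings


def audit(roles):
    """Run the check over every role; return {role: findings} for unsafe roles only."""
    return {n: f for n, p in roles.items() if (f := check_ai_role(n, p))}


# Constructed sample export: one proper AI role, one operational role reused for AI.
SAMPLE_ROLES = {
    "AP_AI": {"MCP Server Connection": "Full", "OAuth 2.0 Access Tokens": "Full",
              "Bills": "View", "Vendors": "View", "Journal Entries": "None"},
    "AP Clerk": {"MCP Server Connection": "Full", "OAuth 2.0 Access Tokens": "Full",
                 "Bills": "Full", "Journal Entries": "Create"},
    "Administrator": {"Bills": "Full"},
}

if __name__ == "__main__":
    for role, findings in audit(SAMPLE_ROLES).items():
        print(f"{role}:")
        for finding in findings:
            print("  -", finding)
```

Re-running the audit whenever a role is edited is the practical guard against the scope-creep risk listed later in this brief.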

Governance Model

Three layers of control, each enforced independently

01

Role Defines Capability

The NetSuite role bound to the AI connection determines exactly what Claude can read and do. If the role can't see a field or take an action, neither can Claude.

02

SharePoint Defines Audience

For exported data, SharePoint folder permissions control which team members' Claude instances can access which datasets. AP team sees AP data. Ops team sees ops data.

03

Humans Approve Writes

For Phase 1, AI is read-only and advisory. Any transaction Claude proposes flows through a human review and approval step before being booked in NetSuite.

Risks We're Managing

What Oracle, Anthropic, and we are watching closely

Documented in Oracle's MCP risk guidance

Specific risks to mitigate by design

Prompt injection from documents or external content tricking AI into unintended actions
Hallucinated values entering transactional records without human verification
Sensitive financial data leaking through over-broad role permissions
Cross-subsidiary or cross-entity data exposure beyond the user's authorized scope
Audit trail gaps if AI actions aren't tagged with the originating user/role
Scope creep — adding write permissions later that retroactively expand AI capability

Recommended Phasing

Walk before running — scope grows as confidence grows

Phase 1 · Now
Read-Only Reporting

Stand up native MCP for NetSuite users with dedicated AI roles. Stand up SharePoint export pipeline for non-NetSuite users. Claude reads, summarizes, and analyzes. Zero write access. Establish trust, document use cases, train the team.

Phase 2 · Next Quarter
Live Queries & Drafts

Expand to live API queries (Claude triggers saved searches on demand). Allow Claude to draft transactions for human approval — never to book them autonomously. Add data warehouse layer if cross-system queries (NetSuite + Smartsheet) become a recurring need.

Phase 3 · Evaluate
Native AI Agents

As NetSuite's native agentic AI capabilities mature, evaluate whether to migrate workflows from the custom MCP setup to Oracle's embedded agents. The investments in role design and saved searches transfer cleanly — the front-end changes, the governance doesn't.

Thursday's Conversation

What we'll cover in 30 minutes

0:00 · Intros & context: How Josh connected us, what FTE Consult does, and what Projex is trying to accomplish.
0:05 · Current state: Walk through what's connected today (Claude Teams + NetSuite) and where the permission questions are.
0:12 · Proposed architecture: Native MCP vs. SharePoint pulls, role design, three-layer governance, read-only stance.
0:22 · Smartsheet & SharePoint scope: How those systems fit, and where a warehouse layer might (or might not) be needed.
0:26 · Next steps: If there's a fit, what a discovery engagement looks like and how we'd structure it.

What We're Explicitly Not Recommending

Where AI shouldn't go — at least not yet

Out of Scope for Phase 1

AI booking transactions autonomously. Even with the native MCP connector technically able to create and update records, the right design choice is to keep AI advisory until trust, audit patterns, and review workflows are established.

Replacing operational roles with AI roles. Operational users still need their full operational roles for daily work. AI roles are additive and dedicated — used only when connecting an AI assistant.

Custom integration buildout that NetSuite native AI will obsolete. Oracle's roadmap is moving fast. We use the official MCP service where it fits and avoid building custom infrastructure that has a 12-month half-life.