Single Sign-On (SSO) is Coming

Derek Torres
Derek Torres
  • Updated

 

ServiceTrade will soon start rolling out Single Sign-On (SSO) across most of our applications. SSO will be rolled out in 3 phases: 

  • Phase 1: Implementing SSO across ServiceTrade's suite of products.
  • Phase 2: Supporting integrations with Corporate Identity Providers (CIPs), namely Microsoft Entra ID (formerly Azure AD) and Google Workspace.
  • Phase 3: Supporting set up and use of Multifactor Authentication (MFA).  

This article will provide you an overview of the SSO rollout timeline and provide answers to Frequently Asked Questions.

For the latest information on releases related to SSO, visit How Do I Need to Prepare for SSO?

What is SSO?

Single Sign-On (SSO) is an authentication method that enables users to securely authenticate into multiple applications and websites using just one set of credentials.

Is there any additional cost or subscription requirements?

No. SSO will be available at no charge to all our customers.

There may be additional third-party costs for Corporate Identity Providers, such as Microsoft Entra ID (formerly Azure AD) and Google Workspace.

When will SSO be available?

SSO for the ServiceTrade Web Application and most of the additional applications in our suite of products will be complete by mid-November 2023. See below for details.

Which ServiceTrade applications will use SSO?

The following applications will roll out the ability to use SSO for sign-in. This means you can use the same credentials for the following applications. We will update you in the Release Notes section when SSO is enabled for each of the following:

  • ServiceTrade Web App
  • ServiceTrade Mobile App (iOS and Android)
  • PartsLedger Technician App
  • ServiceTrade InspectionManager
  • NorthBoundary
  • Service Timecard
  • Toolbox
  • STAC (ServiceTrade Accounting Connector)

Note: We will add support for SSO for the PartsLedger Office App in the first half of 2024. 

What steps do I need to take, and what will change?

Please refer to the following article: How Do I Need to Prepare for Single Sign-On (SSO)?

Why the migration process and changed login experience?

To roll out SSO across most of our applications, we first must migrate all user credentials. We are partnering with Auth0 to securely store user credentials and allow us to implement SSO functionality across our applications.

What about SSO using Microsoft or Google?

Once we have SSO enabled across the ServiceTrade suite of products, we will begin assisting our early adopters who wish to set up SSO through one of our two supported Corporate Identity Provider (CIP) integrations:

  • Microsoft Entra ID (formerly Azure AD)
  • Google Workspace

Our Early Adopter Program will begin in November 2023, and these integrations will generally be available in January 2024. We will provide more information at that time.

Note: Please complete our interest form here if you are interested in participating in our Early Adopter Program for these integrations. Participating accounts are required to have all their users using email addresses (one unique email address per user) as their usernames in ServiceTrade before implementing the integration.

When will Multi-factor Authentication (MFA) be available?

Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application or online account.

Accounts with a Corporate Identity Provider (CIP) integration will implement MFA through Microsoft Entra ID or Google Workspace, as applicable. 

Accounts without a CIP integration can implement MFA in early 2024.

If you are using the PartsLedger Office App API please read the following article: Best Practices: Optimizing Auth0 M2M Token Usage for the Partsledger Office API

What about my API Integrations? 

There are no changes required at this time. To prevent disruptions, ServiceTrade continues to support the existing authentication workflow for integration with our APIs. Existing long-lived sessions and auth tokens will remain valid after your account has been migrated.
The accounts used for API integrations must have a valid email address associated with the user identity to support password changes.
ServiceTrade recommends the following as best practices for API integrations.
  • Create a separate user identity for the API integration.  Resist the urge to reuse the identity of an individual user. 
  • Limit the role and privileges of the integration's identity to the minimum required.
  • Add resiliency to your API integration to gracefully handle 401 Unauthorized responses, reauthenticating automatically if your existing session/auth token expires.
  • If you are using the PartsLedger Office App API please read the following article: Best Practices: Optimizing Auth0 M2M Token Usage for the Partsledger Office API

Was this article helpful?

/

Comments

0 comments

Please sign in to leave a comment.