Single Sign-On and ServiceTrade

Derek Torres
Derek Torres
  • Updated

 

What is SSO?

Single Sign-On (SSO) is an authentication method that enables users to securely authenticate into the suite of ServiceTrade applications, including our Support Center and Ideas Portal, using just one set of credentials. SSO is available to all customers at all subscription tiers. 

Note: We will add support for SSO for the PartsManager Office App in Q2 2024. 

Adding ServiceTrade to your Microsoft or Google SSO

For ServiceTrade customers who use Microsoft Entra ID (formerly Azure AD) or Google Workspace for user management, we offer an integration so that your ServiceTrade users can log in to ServiceTrade using their Microsoft or Google credentials. To learn more about these Corporate Identity Provider (CIP) integrations and how you can prepare your account, read this article. If you would like to move forward with the integration, reach out to ServiceTrade Support. 

Coming Soon: Multi-factor Authentication 

Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application or online account. MFA via SMS text message will be available in ServiceTrade in the coming months. 

Is there any additional cost or subscription requirements?

No. SSO, CIP integrations, and MFA are available at to all customers at no charge.

Note about API integrations

ServiceTrade continues to support the existing authentication workflow for integration with our APIs. Existing long-lived sessions and auth tokens will remain valid after your account has been migrated.
ServiceTrade recommends the following as best practices for API integrations.
  • Create a separate user identity for the API integration.  Resist the urge to reuse the identity of an individual user.
  • The accounts used for API integrations must have a valid email address associated with the user identity to support password changes. Create a group email address for your API user. 
  • Limit the role and privileges of the integration's identity to the minimum required.
  • Add resiliency to your API integration to gracefully handle 401 Unauthorized responses, reauthenticating automatically if your existing session/auth token expires.
  • If you are using the PartsManager Office App API please read the following article: Best Practices: Optimizing Auth0 M2M Token Usage for the PartsManager Office API.

Was this article helpful?

/

Comments

0 comments

Please sign in to leave a comment.