Preparing Your Account For Corporate Identity Provider Integrations

Derek Torres
Derek Torres
  • Updated

ServiceTrade Single Sign-On (using the same credentials to sign on to our suite of applications now supports integrations with two Corporate Identity Providers, or "CIPs", specifically Microsoft Entra ID (formerly Azure Active Directory) and Google Workspace

We will refer to Single Sign-On as "SSO" and Corporate Identity Provider as "CIP."

Integrations with Microsoft Entra ID and Google Workspace are enabled by email domain and, when enabled, will be active for ALL users on that domain.  This is true even when an email domain is used across multiple ST accounts. 

Important Note: On-premise Active Directory is NOT supported.

 

Preparing for Your Corporate Identity Provider Integration

Please follow the checklist below to prepare your ServiceTrade Account and CIP before reaching out to our Support Team who can help with setting up the integration.

 

  1. ✅ All users' email addresses in ServiceTrade must match the UPN (user principal name) for Entra ID or otherwise the email address assigned to those users in your CIP.
  2. ✅ API integrations will continue to use username and password to authenticate and will remain a ServiceTrade native identity outside of your CIP. See more on this below.
    • Best practice: Create a unique group email address that routes to multiple individuals within your organization for these ST identities.
  3. ✅ Make sure that your technicians and users know their passwords. When you set up for CIP integration:
    • If there is an active session, their session will continue to renew, and they won’t have to log in again right away.
    • You won’t see a spike of all users needing to authentication with your CIP on day one, only as new users are added or existing sessions expire.

Reach Out to ServiceTrade Support for Setup

Once you have completed the checklist, please contact our Support Team at support@servicetrade.com.  Our Support Team will connect you with a Tier 2 Support Representative who will schedule a 30 minute meeting with you during which you can enable the integration.

 

For Users Who Need Access Across Multiple Accounts

Individual users needing access to multiple production accounts, effectively with a duplicate email addresses within the same or across different production accounts, will be able sign-in with their CIP credentials and allowed to choose which ServiceTrade account they wish to access 

If you have a Demo Account

We can enable the integration with Microsoft Entra ID or Google Workspace for your Demo or Production Account (not both.)

For example, you may want to test the integration in your demo account before implementing it in your production account. We would need to enable it in your demo account and then disable it. Then, when you are ready, we would need to enable it in your Production Account.

 

API Integrations

If you have API integrations with your ServiceTrade account, they must be authenticated via username and password, and not email address and password. We strongly recommend that you use a separate service account from your active users. Doing so provides a clear audit trail and allows the API integration identity to have permissions reduced to the minimum needed.  This is likely how they work now, but please confirm before your integration setup.

API integrations will remain a ServiceTrade native identity, skipping integration with your CIP.
API integration users in your ServiceTrade account will still need to have a unique email address associated with the account.

 

Was this article helpful?

/

Comments

0 comments

Please sign in to leave a comment.