Overview
Enable single sign-on (SSO) to ServiceTitan using Microsoft Azure Active Directory (AAD). This integration allows users to securely access all ServiceTitan products with one set of credentials.
Feature configuration
Account configuration is required to use this feature. Please contact your Customer Success Manager (CSM) for details.
Step 1: Add your Directory Tenant ID
Go to portal.azure.com and log in with your AAD username and password.
Note: If you have login issues, contact your Azure administrator.
In your Azure Portal, select Azure Active Directory > Properties.
Copy the Tenant ID.
Send your Tenant ID to your CSM so that they configure it on the ServiceTitan side.
Contact your Microsoft Azure Administrator to grant permissions within Azure.
Step 2: Create users and groups
You have two options for connecting users to ServiceTitan via Azure:
Option 1: Create groups: In Azure Active Directory (AAD), create groups that map to user roles in ServiceTitan.
Note: ServiceTitan cannot create new users unless these groups are set up.
Option 2: Link existing users: To associate existing ServiceTitan users with their AAD identities, enter each user's Azure AD Object ID in ServiceTitan.
Option 1
You need to create groups in Azure Active Directory. They are called roles in ServiceTitan.
Note: Without this action ServiceTitan can't create new users.
In Azure Active Directory, click Groups.
Click New Group.
In the window that opens, fill out the fields.
Click Create.
Option 2
To link already created ServiceTitan users with Active Directory users, you need to enter the Object ID for each user.
In Azure Active Directory, go to Users > All Users.
Select the necessary user.
Copy the Object ID.
Provide the Object ID to your CSM to link the user.
Step 3: Log in with Azure Active Directory
When you set up your AAD, your employees can log in to ServiceTitan with AAD.
Click Login via Active Directory. You are redirected to the Microsoft Azure Login screen.
Enter your credentials and you are redirected to ServiceTitan.
Note: Use your Active Azure Directory credentials.
Tip: If you don't have a ServiceTitan user connected to Active Directory, then you are redirected to the New User screen.
Fill out the necessary fields and click Create User. You are redirected to ServiceTitan.
Step 4: Enable multi-tenant AAD access
Multi-tenant AAD access allows you to use several tenants in ServiceTitan using one Azure Active Directory.
Note: For security reasons, automatic user creation is disabled in ServiceTitan for multi-tenant AAD cases.
Add a claim to your AAD tokens
AAD administrators need to add an additional claim to access token and ID token of the user's Azure Active Directory. It is the user identifier for ServiceTitan.
The claim should have a one to one relationship with ServiceTitan and should have the following parameters:
Name: st_tenant_id
Syntax: Unicode string
Value: From 1 to 9223372036854775807
Maximum length: 19 digits
Step 5: Link multi-tenant AAD users to ServiceTitan
You must create ServiceTitan users before linking them to the respective AAD users.
There are two options for doing it:
Option 1: Add users in ServiceTitan
Go to Settings > People > Employees > Add. For more on how to add an employee, see Add and manage office employee profiles.
Option 2: Use ServiceTitan public API
Use the ServiceTitan public APIs to create users.
When you create a new employee, add their AAD user object ID to ServiceTitan.
To find the Object ID:
Go to portal.azure.com.
Sign in with your Azure username and password.
Select Azure Active Directory.
Click Users.
Select the user.
Click Properties.
Provide the Object ID to your CSM.
Step 6: Verify multi-tenant login
Click Login via Active Directory.
Sign in with your AAD credentials.
You are redirected to ServiceTitan upon successful authentication.