Sage Intacct Login: A Step-by-Step Guide for CPAs

Your new Sage Intacct account is live, the implementation partner has signed off, and now someone on your team can’t get past the login screen. It happens on day one more often than it should. The fix is usually simple — but only if you know exactly what Sage Intacct expects at each step.

This guide walks through every login scenario you’ll encounter: first-time sign-in, forgotten credentials, two-factor authentication, SSO with Microsoft Entra ID, and the construction module’s separate sign-in path. Bookmark it and share it with your admin.

What the Sage Intacct Login Screen Actually Needs

The standard sign-in screen asks for three fields — Company ID, User ID, and Password. All three are case-sensitive. If your firm has multiple entities, the Company ID is what separates them; every entity has its own. Get one wrong and you’ll hit an authentication error that looks like a password problem but isn’t.

If you’re signing in through the Sage UK portal path, you select Login and then Sage Intacct from the menu before you reach that three-field screen. For most US firms, your implementation partner will give you a direct URL that drops you straight onto the sign-in page.

First-Time Login: What to Expect

Sage Intacct sends first-time credentials from no-reply@intacct.com. That email contains three things: your Company ID, your User ID, and a sign-in link with a temporary password embedded. Check spam if you don’t see it within five minutes — it almost always lands there for firms that haven’t whitelisted that address.

Once you click the link:

1. Enter the temporary password in the Current Password field.
2. Choose a new password that meets Sage Intacct’s complexity rules.
3. Set a security question and answer — Intacct requires this before it lets you continue.
4. Click Submit. You’re in.

Do this yourself before forwarding credentials to a staff member. The security question setup can confuse people who aren’t expecting it, and a confused first-time user will just call you anyway.

Forgotten Password and Locked Accounts

The self-service password reset is straightforward: click Forgot your password? on the sign-in screen, enter your Company ID and User ID, and Sage Intacct sends a reset link to the email on file. The link expires, so use it promptly.

Locked accounts are a different problem. After a set number of failed attempts, Sage Intacct locks the account and only an administrator can unlock it — the self-service reset won’t work. If you’re the sole admin and you’re locked out, you’ll need to contact Sage support directly. For a five-person firm where everyone has admin rights, this is rarely an issue. For a 20-person firm with a single system admin, it’s worth designating a backup admin now rather than after the lockout.

Two-Factor Authentication

Some Sage Intacct deployments enable two-factor authentication. When it’s active, after you pass the Company ID / User ID / Password screen, Intacct sends a verification code to a registered mobile number or email address. Enter that code to complete sign-in.

If a staff member says they never receive the code, check two things first: the phone number or email stored on their user record, and whether their phone is blocking short-code SMS. Both are common culprits. Administrators can update contact details under the user record in the Company module.

Single Sign-On via Microsoft Entra ID

For firms that manage user access through Microsoft 365, Sage Intacct supports SAML 2.0 single sign-on with Microsoft Entra ID (formerly Azure AD). This means your staff sign in once through Microsoft and get into Intacct without entering a separate password.

The setup is done at the user record level inside Sage Intacct. An administrator edits the user record, opens the Single sign-on tab, and enters a Federated SSO user ID — typically the user’s Microsoft 365 email address. Repeat that for each user who should use SSO.

The Microsoft Entra side requires configuring Sage Intacct as an enterprise application and mapping attributes — your IT admin or Microsoft partner handles that part authoritative source. Once both sides are configured, those users will no longer use their Intacct password at all; their Microsoft session handles authentication.

For a 10-person firm already deep in the Microsoft ecosystem, SSO is worth the setup time. It eliminates one more password, reduces lockout calls, and centralizes offboarding — deactivate someone in Entra and their Intacct access goes with it.

Sage Intacct Construction: Use the Right Sign-In Button

If your firm uses Sage Construction Management alongside Sage Intacct, pay attention to this: the sign-in screen offers two options — Sign In With Sage ID and Sign In With Intacct. Intacct users must select Sign In With Intacct. Selecting the Sage ID path will either fail or dump you into the wrong environment. It’s a small UI detail that causes a disproportionate number of support calls during onboarding.

The Community Credentials Mix-Up

The Sage Intacct Community (the user forum and knowledge base) uses entirely separate credentials from Sage Intacct itself. Community usernames are formatted as firstname.lastname@intacctcommunity.com — that domain suffix is the giveaway. If someone tries to use their Intacct Company ID and User ID to log into the Community, it won’t work. Keep those credentials separate and store them in your password manager under different entries.

How Sagenext Helps

Sage Intacct is cloud-native, so Sagenext doesn’t host Intacct itself — but many CPA firms run Sage Intacct alongside desktop accounting and tax software that does require hosting. Sagenext provides fully managed cloud hosting for Sage 50, Sage 100, QuickBooks Desktop, QuickBooks Enterprise, and a full roster of tax applications including Lacerte, Drake, ProSeries, UltraTax, and ATX our cloud hosting.

The managed hosting means your staff access those applications through a remote desktop session from any device — same multi-user, anywhere-access model you get with Intacct, extended to your desktop software stack. Provisioning, security, backups, and software updates are handled for you. If your firm uses Intacct for the GL and QuickBooks Desktop for a subsidiary or specific client work, hosting the desktop side through Sagenext keeps your whole environment consistent. There’s a free trial with no credit card required if you want to test it with your own data.

Key Takeaways

• Sage Intacct login requires all three fields — Company ID, User ID, and Password — and all are case-sensitive.
• First-time credentials arrive from no-reply@intacct.com; whitelist that address before go-live.
• First login forces a password change and security question setup — plan for it during onboarding.
• Account lockouts require admin intervention; designate a backup admin before you need one.
• SSO via Microsoft Entra ID is worth configuring for firms already on Microsoft 365 — it uses SAML 2.0 and is set up at the individual user record level.
• Sage Intacct Construction users must select Sign In With Intacct, not Sign In With Sage ID.

Frequently Asked Questions

What do I enter in the Company ID field when logging into Sage Intacct?

The Company ID is assigned by Sage or your implementation partner during setup. It identifies your specific Intacct environment, especially important for multi-entity firms where each entity has its own ID. Your first-time login email from no-reply@intacct.com includes the Company ID. If you’ve lost it, your Sage Intacct administrator or implementation partner can retrieve it — it’s visible in the Company module under Setup.

Why did I receive an email from no-reply@intacct.com?

That address is how Sage Intacct delivers first-time login credentials and password reset links. The email contains your Company ID, User ID, and a sign-in link. If you weren’t expecting it, someone with administrator access created or reset your user account. Check with your firm’s Sage Intacct admin. If it’s genuinely unexpected and you don’t recognize the Company ID, treat it as a phishing attempt and don’t click the link.

Can I use the same login for the Sage Intacct Community?

No. The Community is a separate platform with separate credentials. Community usernames follow the format firstname.lastname@intacctcommunity.com. Your Sage Intacct Company ID and User ID won’t work there. Store both sets of credentials in your password manager as distinct entries to avoid the confusion.

How do I set up single sign-on for Sage Intacct?

Sage Intacct supports SAML 2.0 SSO with Microsoft Entra ID. On the Intacct side, an administrator edits each user record, opens the Single sign-on tab, and enters a Federated SSO user ID — usually the user’s Microsoft 365 email. On the Microsoft side, Sage Intacct is configured as an enterprise application in Entra. Both sides must be configured before SSO works. Once active, those users authenticate through Microsoft and bypass the Intacct password screen entirely. related guide

What should I do if my Sage Intacct account is locked?

Self-service password reset won’t unlock a locked account — only a Sage Intacct administrator can do that. Go to Company > Admin Users, find the user record, and unlock it from there. If you’re the only administrator and you’re locked out, contact Sage support directly. To prevent this situation, always designate at least two users with administrator rights.