SSO FAQ

  • Here is list of applications that will leverage that new single source of identities:

    • API Portal
    • Banking Portal
    • CAP
    • Catylist - Commercial Exchange
    • Catylist - RDMA
    • Catylist
    • China Structured Portal
    • CMM
    • CRA
    • CRE Portfolio Manager (Realxdata)
    • CRE (REIS)
    • CreditEdge
    • CSG API
    • CSG External API
    • CSG CNSFP PyBA
    • CSG Risk Compass
    • Data Alliance Portal
    • DataHub
    • Economy.com
    • EDFX
    • Impairment Studio
    • ImpairmentCalc
    • Information Web
    • Intellipulse Credit
    • KYS Network
    • Learning Ecommerce
    • Learning Portal
    • Loan Pricing Tool
    • ML Catalog
    • Moody’s CreditView / Moodys.com (MDC)
    • PFaroe
    • Portfolio Studio
    • QUIQproperty 
    • Ratings.moodys.com (RMC)
    • Reporting Studio
    • Review (RDC Federation App) - US
    • RiskBench
    • RiskCalc
    • RiskFrontier
    • SFDC Customer Portal
    • ZM Online ALM
    • ZM Online CECL

  • The SSO will be implemented on a rolling basis, which means clients may see the change later than others. Nothing is wrong, and your access will update as planned during the update window.

  • If your application is not listed, you will continue using the credentials you currently have set.

  • If you have more than one Moody’s and Moody’s Analytics application, you may receive two activation emails, one from the Moodys.com application asking you for a password reset and a second from the Okta platform for activating your account and setting your password again. The last password entered will be the permanent one.

    We understand there could be confusion. The Moody’s team is committed towards actively working to improve our user experience, to enable users to activate an account only once going forward.

  • As an internal user, your identity  and credentials are stored in Okta workforce (moodys.okta.com). This is the only place where your password can be managed. As a result, if you try to change your password either “In-App” or in the sign-in pages, you will get an error. This is the expected behavior.

  • Product and application destinations will not change. You can keep accessing your platforms as you always have.

  • As a Moody’s internal user, you will be redirected to moodys.okta.com, our internal Okta Workforce system for authentication. At that point, you will see one of two experiences:

    • If there is an existing Okta session at moodys.okta.combecause you already signed-in to access internal Moody’s applications (Moody’s University, AWS, Miro, ..), the sign-in process will leverage that existing session and redirect you to the application targeted. No credentials need to be entered.
    • If you have not authenticated at moodys.okta.com recently, you will have to enter your Network/Active Directory password to sign-in. After sign-in at moodys.okta.com, you will be redirected to the target application.

  • To prevent password loop attacks, we automatically lock a user account after 10 unsuccessful sign-in attempts.

  • Your account will be reactivated 15 minutes following being locked. If you have forgotten your password, you can ask for a password reset.

  • Contact Client Service through the SSO Help Page: https://accounts.moodysanalytics.com/help

    NOTE: If you are contacting us for help with an error you are receiving, please provide a full screenshot where we can see the URL of the page and the error message. Providing a history of how you received the error is also key for a quick resolution of issues.

  • Please find some known errors related to authentication process:

     Error message  Remediation action  Who to contact
     "We found some errors. Please review the form and make corrections." in the sign-in widget  Clear browser cache.

    Close and reopen browser.
     Support teams (see "Who can I reach out to with questions?" above)

     

  • The password requirements are the following:

    • At least 8 Characters
    • At least 1 lower case letter (a-z)
    • At least 1 Upper case letter (A – Z)
    • At least 1 number ( 0 – 9)
    • Does not contain any part of your username

  • Only when your SSO session is expired, or you have signed out of a covered application, your credentials will be asked again.

    All covered applications will share the same SSO session, and will not ask for your credentials when you navigate between them.

     You will also be asked to sign in if you are accessing a product not included in the SSO.

  • No, Moody’s does not store credentials for federated users. Federation means we will redirect clients to their corporate Identity Providers (IdP) where the credentials will be validated. Only after remote authentication (seen from a Moody’s perspective), we receive a “token” that contains some user related information. That token is signed by the client’s IdP and verified on our end.

      At no time does Moody’s have visibility of federated users' passwords.

  • Users who were requested to reset their password must use the new password only, previous passwords will not be recognized.

    User who did not receive the password request can continue using their current password.

  • Yes. We are constantly onboarding Moody’s applications to the SSO framework to improve the customer experience. It is possible additional products will be incorporated at a future time, and we will keep you updated if that happens.