Here is list of applications that will leverage that new single source of identities:
Catylist - Commercial Exchange
Catylist - RDMA
China Structured Portal
CRE Portfolio Manager (Realxdata)
CSG External API
CSG CNSFP PyBA
CSG Risk Compass
Data Alliance Portal
Loan Pricing Tool
Moody’s CreditView / Moodys.com (MDC)
Review (RDC Federation App) - US
SFDC Customer Portal
ZM Online ALM
ZM Online CECL
The SSO will be implemented on a rolling basis, which means clients may see the change later than others. Nothing is wrong, and your access will update as planned during the update window.
If your application is not listed, you will continue using the credentials you currently have set.
If you have more than one Moody’s and Moody’s Analytics application, you may receive 2 activation emails.
One from the Moodys.com application, asking you for a password reset, and a second one from the Okta platform for activating your account, and setting your password again. The last password entered will be the permanent one.
We understand there could be confusion. The Moody’s team is committed towards actively working to improve our user experience, to enable users to activate an account only once going forward.
You can change your password in two different ways: “In-App” or on a sign-page:
“In-App”: some applications give you the ability to reset your password from within the application. In that case, you don’t have to exit the application.
Sign-in page: The sign-in page provides a link to a password reset screen, where you can change your password.
Federated users will not be able to reset their password in the Moody’s ecosystem, as the password is stored and managed at the client Identity Provider level, externally of Moody’s.
Product and application destinations will not change. You can keep accessing your platforms as you always have.
You will use a singular set of credentials to access all SSO products, which will be your moodys.com credentials.
Once you have authenticated once, you can access all applications covered by the program without having to authenticate (give credentials) again.
For clients having a federation in place, the sign-in experience will be exactly the same: the Moody’s sign-in process will redirect you to your corporate Identity Providers. You will authenticate there and your corporate identity will be forwarded to the Moody’s applications.
In order to prevent password loop attacks, we automatically lock a user account after 10 unsuccessful sign-in attempts.
Your account will be reactivated 15 minutes following being locked.
If you have forgotten your password, you can ask for a password reset.
Please find some known errors related to authentication process:
Who to contact
"We found some errors. Please review the form and make corrections." in the sign-in widget
Clear browser cache.
Close and reopen browser.
Support teams (see "Who can I reach out to with questions?" above)
The password requirements are the following:
At least 8 Characters
At least 1 lower case letter (a-z)
At least 1 Upper case letter (A – Z)
At least 1 number ( 0 – 9)
Does not contain any part of your username
Only when your SSO session is expired, or you have signed out of a covered application, will your credentials will be asked for again.
All covered applications will share the same SSO session. You will not be asked for your credentials when you navigate between them.
You will also be asked to sign in if you are accessing a product not included in the SSO.
No, Moody’s does not store credentials for federated users. Federation with a client means we will redirect the client users to their corporate Identity Providers (IdP) when the credentials will be validated. Only after remote authentication (seen from a Moody’s perspective), we receive a “token” (to make it simple) that contains some user related information. That token is signed by the client’s IdP and verified on our end.
At no time does Moody’s have visibility of federated user’s passwords.
Users who were requested to reset their password must use the new password only, previous passwords will not be recognized.
Users who did not receive the password request can continue using their current password.
Yes. We are constantly onboarding Moody’s applications to the SSO framework to improve the customer experience.
It is possible your other products will be incorporated at a future time, and we will keep you updated if that happens.
During the sign-in flow, a new website can be reached for authentication.
You must add https://auth.moodys.com as a trusted site to allow users to go through the full authentication flow.
One Moody’s SSO relies upon Third Party Cookies feature to provide seamless navigation between Moody’s applications. If those cookies are blocked in your browser, you may experience some additional requests to sign-in, and logout/session terminations may not be recognized across applications.
Contact Client Service through the SSO Help Page:
NOTE: If you are contacting us with help on an error you are receiving, it will help to provide a full screen screenshot, where we can see the URL of the page where the error happens, and the error message as well. Providing a history of how you got to the error is also key for a quick resolution of issues.