SSO FAQ

  • Here is list of applications that will leverage that new single source of identities:

    • API Portal
    • Banking Portal
    • CAP
    • Catylist - Commercial Exchange
    • Catylist - RDMA
    • Catylist
    • China Structured Portal
    • CMM
    • CRA
    • CRE Portfolio Manager (Realxdata)
    • CRE (REIS)
    • CreditEdge
    • CSG API
    • CSG External API
    • CSG CNSFP PyBA
    • CSG Risk Compass
    • Data Alliance Portal
    • Economy.com
    • EDFX
    • Impairment Studio
    • Information Web
    • Intellipulse Credit
    • KYS Network
    • Learning Ecommerce
    • Loan Pricing Tool
    • ML Catalog
    • Moodys.com (MDC)
    • Ratings.moodys.com (RMC)
    • Review (RDC Federation App) - US
    • RiskBench
    • RiskCalc
    • RiskFrontier
    • SFDC Customer Portal

  • If your application is not listed, you will continue using the credentials you currently have set.

  • You can change your password in two different ways: “In-App” or on a sign-page:

    • “In-App”: some applications give you the ability to reset your password from within the application. In that case, you don’t have to exit the application.
    • Sign-in page: The sign-in page provides a link to a password reset screen, where you can change your password.

    Federated users will not be able to reset their password in the Moody’s ecosystem, as the password is stored and managed at the client Identity Provider level, externally of Moody’s.

  • Product and application destinations will not change. You can keep accessing your platforms as you always have.

  • You will use a singular set of credentials to access all SSO products, which will be your moodys.com credentials.

    Once you have authenticated once, you can access all applications covered by the program without having to authenticate (give credentials) again.

    For clients having a federation in place, the sign-in experience will be exactly the same: the Moody’s sign-in process will redirect them to their corporate Identity Providers, they will authenticate there, and their corporate identity will be forwarded to the Moody’s applications.

  • In order to prevent password loop attacks, we automatically lock a user account after 10 unsuccessful sign-in attempts.

  • Your account will be reactivated 15 minutes following being locked.

    If you have forgotten your password, you can ask for a password reset.

  • Contact Client Service through the SSO Help Page:

    https://accounts.moodysanalytics.com/help

    NOTE: If you are contacting us with help on an error you are receiving, it will help to provide a full screen screenshot, where we can see the URL of the page where the error happens, and the error message as well. Providing a history of how you got to the error is also key for a quick resolution of issues.

  • Please find some known errors related to authentication process:

     Error message  Remediation action  Who to contact
     "We found some errors. Please review the form and make corrections." in the sign-in widget  Clear browser cache.

    Close and reopen browser.
     Support teams (see "Who can I reach out to with questions?" above)

     

  • The password requirements are the following:

    • At least 8 Characters
    • At least 1 lower case letter (a-z)
    • At least 1 Upper case letter (A – Z)
    • At least 1 number ( 0 – 9)
    • Does not contain any part of your username

  • Only when your SSO session is expired, or you have signed out of a covered application, your credentials will be asked again.

    All covered applications will share a same SSO session, and then will not ask you credentials when you navigate between them.

    You will also be asked to sign in if you are accessing a product not included in the SSO.

  • No, Moody’s does not store credentials for federated users. Federation with a client means we will redirect the client users to their corporate Identity Providers (IdP) when the credentials will be validated. Only after remote authentication (seen from a Moody’s perspective), we receive a “token” (to make it simple) that contains some user related information. That token is signed by the client’s IdP and verified on our end.

    At no time does Moody’s have visibility of federated user’s passwords.

  • Users who were requested to reset their password must use the new password only, previous passwords will not be recognized.

    User who did not receive the password request can continue using their current password.

  • Yes. We are constantly onboarding Moody’s applications to the SSO framework to improve the customer experience.

    ESG products will be added to the SSO before December 2022. We will send a communication to those users impacted by this change separately.

    It is possible your other products will be incorporated at a future time, and we will keep you updated if that happens.

  • During the sign-in flow, a new web site can be reached for authentication.

    You must add https://auth.moodys.com as a trusted site, to allow the users to go through the full authentication flow.

  • The SSO will be implemented on a rolling basis, which means clients may see the change later than others. Nothing is wrong, and your access will update as planned during the update window.

  • If you have more than one Moody’s and Moody’s Analytics application, you may receive 2 activation emails.
    One from the Moodys.com application, asking you for a password reset, and a second one from the Okta platform for activating your account, and setting your password again. The last password entered will be the permanent one.
    We understand there could be confusion. The Moody’s team is committed towards actively working to improve our user experience, to enable users to activate an account only once going forward.