About single sign-on (SSO)
Learn about our support for Moody's and federated single sign-on, including how identity provider groups affect user access and team membership.
We support two ways to sign in: Moody's SSO and federated SSO. Both methods let users access the platform without managing separate credentials.
Moody's SSO
A Moody's SSO account lets users access the platform and their other SSO-enabled Moody's applications using a single email address and password. See Activate your Moody's SSO account for more information.
Federated SSO
Federated users sign in to the platform through their company's chosen SSO identity provider, such as Azure Active Directory or Google SSO. When federated SSO is configured on your account, users authenticate with your identity provider after entering their email address on the sign-in screen. See Add a federated SSO user for more information on configuring federated SSO.
When a user signs in for the first time using federated SSO, their email address is automatically added to your platform account. You can then view and manage their account from the platform's User management tab.
Each time a federated user signs in, their name and teams are updated with the details from your identity provider.
Caution
If a user hasn't been assigned to any groups with your identity provider or if you haven't linked their groups to any roles, they won't have any user roles when their account is created. This means they won't be able to access any area of your platform account until you manually assign roles from the User management tab.
Federated SSO user passwords, as well as the reactivation and deactivation of federated users, are managed by your identity provider.