Mobile single sign-on (SSO)

Single sign-on uses a third-party SAML 2.0 or OpenID Connect SSO identity provider (IdP) to authenticate users based on their company SSO credentials. Once authenticated to the mobile app, the user remains signed in until the application determines the user needs to re-authenticate. (See Mobile application security for more information about sign-in and authentication.) For detailed information about how Medallia Experience Cloud uses SSO, see Single sign-on (SSO).

The first time users open the app they are prompted to sign in using the company's SSO sign-in page.

For Medallia Mobile and Medallia Voices, the initial screen prompts to enter a company ID. The ID is the name at the end of the URI that users use to access Medallia Web reporting. For example, when the URI is, the company ID is orion. After providing the company ID, the app opens the company's SSO sign-in page to authenticate the user. Once authenticated, the app opens to show the user's reports.

Enter your company name and then click Next to open that company's Sign-in screen

Note: To test SSO in a sandbox environment, instead of entering the company name, enter the entire sandbox URL in the Company field.

To switch to using Medallia Web reporting username and password credentials instead of SSO, toggle the Use Medallia Username property, enter your company name, and then click Next. This option is useful for administrators troubleshooting sign-in issues, or when the user does not have an SSO account with the company, but does have a user account for the company.

Toggle the Use Medallia Username property to sign in with a Medallia user name and password

Some companies require users to use the IdP application to initiate launching the mobile application. In that case, the user uses the IdP app or web page to authenticate, and then they click a link to launch the mobile application. This is called IdP-initiated SSO and it is implemented using SAML SSO deep-link authentication.