Inbound SSO

Inbound SSO is when a when a user signs in to an Experience Cloud application using an external IdP. When Experience Cloud is the IdP, and the process is called Outbound SSO.

SSO authentication is performed by the IdP

By default, when there is one IdP for a company, users navigating to a Experience Cloud application are automatically signed in when they access the application. Some companies have multiple IdPs to manage different segments of their users. When there are multiple IdPs available, the user is prompted to choose the IdP that authenticates their account. Additionally, mobile users and some web browsers can be directed to a specific IdP without offering a choice to the user.

Sign-in screen showing multiple IdPs

These topics explain how to configure and use SSO for inbound authentication:

Configuring OIDC single sign-on SSO describes how to configure inbound SSO to use an external OAuth/OIDC IdP to authenticate users accessing Medallia applications.
Configuring SAML single sign-on describes how to configure inbound SSO to use an external SAML IdP to authenticate users accessing Medallia applications.
Mobile single sign-on (SSO) explain how mobile apps use SSO.
Medallia Web URLs with SSO details how links access Medallia Web reporting when SSO is enabled.