Single sign-on uses a third-party SAML 2.0 or OpenID Connect SSO identity provider (IdP) to authenticate users based on their company SSO credentials. Once authenticated to the mobile app, the user remains signed in until the application determines the user needs to re-authenticate. (See Mobile application security for more information about sign-in and authentication.) For detailed information about how Medallia Experience Cloud uses SSO, see Single sign-on (SSO).

The first time users open the app they are prompted to sign in using the company's SSO sign-in page.

For Medallia Mobile and Medallia Voices, the initial screen prompts to enter a company ID. The ID is the name at the end of the URI that users use to access Medallia Web reporting. For example, when the URI is https://login2.medallia.com/orion, the company ID is orion. After providing the company ID, the app opens the company's SSO sign-in page to authenticate the user. Once authenticated, the app opens to show the user's reports.

To switch to using Medallia Web reporting username and password credentials instead of SSO, toggle the Use Medallia Username property, enter your company name, and then click Next. This option is useful for administrators troubleshooting sign-in issues, or when the user does not have an SSO account with the company, but does have a user account for the company.

Some companies require users to use the IdP application to initiate launching the mobile application. In that case, the user uses the IdP app or web page to authenticate, and then they click a link to launch the mobile application. This is called IdP-initiated SSO and it is implemented using SAML SSO deep-link authentication.