Changes to Single Sign On - Advanced FAQ

We have prepared some material on topics for IT and/or Administrators who may require further guidance or may express interest in specific areas of our capabilities.

You may also refer to the guidance in the FAQs which describes the nature of the changes.

  • Every user will need to go to the login page and reactivate their account and reset their password from Monday 28th
  • The password can we reset using the password reset feature
  • Your username (email) will not change

What areas will be enhanced improvements?

We have introduced an active user management policy based upon inactivity and a 90-day password rotation policy to help protect against potential future threats.

Can you elaborate on what is meant by “active user management”?

In line with security practices we will force users to reset their password periodically. This will be set at every 90 days and is designed to help protect our systems as well as our customers.

If a user is inactive (has not signed in for several months) we will automatically deprovision the user which will mean the user will need to reset their password to reactivate their account.

Users who continue to be inactive for a period greater than 18 months will be removed.

At any point, prior to being removed, a user can reactivate their account by resetting their password, however they may need to be re-provisioned by their respective organisation’s administrator or our customer services teams.

In line with compliance directives, we will also periodically ask users to review the details we hold on record are correct and give the users the opportunity to make amendments. 

Individual users can continue to manage their details and preference at any time.

Do I have the flexibility to change the password policy for my organisation?

At this time this is not a planned feature, however this requirement might be satisfied with a Federated Identity use case.  Please contact your account manager to discuss.

My organisation uses a shared login / script to sign me in, will I be impacted?

Yes, we anticipate customers who populate the sign-in screen utilizing a script will be impacted by the change to the user interface through the use of the OKTA sign-in widget.

Wood Mackenzie cannot provide support for 3rd party scripts but we can provide some guidance on what to expect. We would also recommend switching this login to be a Service Account so that users are not prompted to change password every 90 days.

Will users be able to continue to self register?

Yes, users will be able to continue to self-register.

Will users, self-registering, be prompted to enter their Site ID and will this Site ID change?

With our new system we should be able to recognise users more often based solely upon their email address, thus the necessity to supply the Site ID will dramatically decrease. 

We will continue to recognise old Site ID keys, however sites themselves are being deprecated in favour of new flexible account system.

Customers will be able to create and manage their own redactable registration keys as part of the flexible account system, thus allowing different user groups to easily onboard quickly and be placed directly into the appropriate groups of your choosing.

Will customers be able to administer their own users within their organisation’s account?

Inline with service level agreements and at Wood Mackenzie’s discretion, we can empower our customers self serve and manage their own users, user groups and subscriptions, if they wish.

Do you support the concept of service users to support system integration needs?

Yes, as part of our new system, customers will have the ability to create service user(s) typically used for application/system integrations for use with our APIs.

These service accounts are similar to real users accounts except these will not have the same password retention policy as real user nor will they need to have a real email mailbox to receive activation emails.

Unlike real user accounts, service account can be activated inline within the account management experience.

Real user accounts will continue to operate with an email-based activation step which will require access to a real and valid email mailbox.

Can I update or modify my organisation’s domain whitelist?

This operation can only be performed by our Customer Focus team, please contact

I have a configured my users into logical groups to reflect my organisation structure, what will happen with renewals?

Renewals will automatically replace existing active subscriptions including the allocation of these memberships.

Only when new subscription appear will administrator need to decide how they want to allocate these. 

The default setting is to allocation the subscription to the Everyone group, however this can be controlled, such that it is not automatically allocated, or subscriptions can be allocated to a specific group of the customers’ choosing.

Will I be able to see what subscriptions are associated to my organisation’s account?

Yes, administrators will be able to view what subscriptions are attached to their organisation’s account including the start and end date. They will also be able to see and control which subscriptions are associated to individual users or groups.

My Account has an Everyone group, what is the Everyone group and who does it contain?

Every Account has a unique Everyone group. The Everyone group is a system managed group where all the users registered to the specific account are automatically members.  

The Everyone group is largely like any other group except users cannot be removed or added without removing/adding the user to/from the organisation’s account.

Subscriptions can be associated and disassociated from the Everyone group just like other User Groups.

What are User Groups?

User groups are simply non-hierarchical logical sets of users within an organisation’s account.

These groups can be used to represent a collection of users which have the same product subscription characteristics and could represent teams within a business, an entire business unit or specific functions within your organisation or a combination of these use cases.

You can associate Users to one or more groups and you can associate Subscriptions within your organisation account to one or more groups or users.

Who has access to manage my organisation’s account?

Per our service level agreements, customers who nominate users from their account to be account administrators will have access to their organisation account.

These administrative users will have the ability to manage users, user groups and subscription memberships within an account.

Our Customer Focus teams will have limited access to also manage your organisation’s account. They can manage users, user groups and subscription membership. In addition, they will have the ability to adjust restricted settings on behalf of the customer, in line with their service level agreement.

My organisation operates an internet whitelist, are there any new domains we need to whitelist/enable?

Yes, the existing domains remain the same however you must also enable:

Can my organisation obtain the complete set of Wood Mackenzie domains?

Whilst we can provide a complete list of domains, we recommend not blocking/whitelisting https://* and https://*

Will we offer Federated Identity or MFA (multifactor authentication)?

Initially no, however these items are on our roadmap.

We are extremely keen to work with customers who have requirements to integrate and sign in in this way.  Please contact our Customer Focus teams via to discuss.

Can I manage my organisation’s IP address whitelist (Network Zoning)?

Initially no, however this is on our roadmap as a capability.

We are extremely keen to work with customers who have requirements to integrate and sign in in this way.  Please contact our Customer Focus teams via to discuss.

Will you support SCIM?

No, at this time we have no plans to add support for SCIM.

We are extremely keen to work with customers who have requirements to integrate and sign in in this way.  Please contact our Customer Focus teams via to discuss.

Can I be confident my user profile is safe?

OKTA is a leading identity management platform.  You can read more on their security and compliance model.

I have a question that is not listed?

Please contact our Customer Focus teams via