Review of OneLogin - Digital Identity
Solution: OneLogin Trusted Experience Platform
With over 2500 enterprise customers, OneLogin simplifies identity management with secure, one-click access, for employees, customers and partners, through all device types, to all enterprise cloud and on-premises applications.
OneLogin enables IT identity policy enforcement, and disables app access for employees who leave or change roles in real time by removing them from Active Directory. Take control over application access, quickly on- and off-board team members, and provide end users with easy access to all their apps on every device. Extend on-premises security model to the cloud in minutes. Eliminate the pain and expense of extensive identity policy management. OneLogin reduces identity infrastructure costs and complex integration project for each new app and efficiently extends identity policy to the cloud. OneLogin eliminates the need for lengthy integration and provisioning projects, manual de-provisioning, protracted on- and off-boarding processes, username and password resets, and Shadow IT policing.
Other offerings include:
Mobile: OneLogin Mobile identity management gives users one-click access to all their enterprise apps on both smartphones and tablets.
As organizations grow, the technology puzzle pieces multiply: more apps, users, and devices. OneLogin simplifies identity and access management.
• Portal: Access all apps from one secure single sign-on portal. • Directory Services: Integrate AD, LDAP, and HR systems in one central directory. • Centralized Management: Manage directories, configure access policies, provision or offboard users, build reports, and more. • OneLogin Desktop: Enable device trust by extending OneLogin authentication to endpoints and use certificate-based authentication for simple, secure access. • Shield: Eliminate insecure password practices, including password reuse across sites, weak passwords, and combat phishing.
In the past year, there has been nearly a twelve-fold increase in the number of cyberattacks using artificial intelligence and machine learning (AI/ML) capabilities. Fight fire with fire. Vigilance AI™ uses AI/ML to gather data across the OneLogin Trusted Experience Platform™ and identify potential threats.
Vigilance AI™ Powered by artificial intelligence and machine learning, Vigilance AI analyzes large volumes of data from first- and third-party sources to identify anomalies and prevent threats. Vigilance AI leverages User and Entity Behavior Analytics (UEBA) capabilities to build a profile of typical user behavior and subsequently identify and communicate anomalies in real-time for advanced threat defense.
Not all login attempts are created equal. SmartFactor Authentication™ offers flexible authentication requirements based on contextual insights, including modular login flows as well as step-up and step-down multi-factor authentication (MFA) requirements. Security when you need it, simplicity when risk is low.
SmartFactor Authentication™ Powered by Vigilance AI™ , SmartFactor Authentication™ delivers context-aware authentication to perfectly balance security and user experience.
Protect MFA client and one-time-password (OTP) app that supports multiple accounts and biometric authentication.
The center of the platform is the OneLogin cloud directory: a single source of truth from which you manage access. No need to rip and replace your current directories. OneLogin’s pre-built integrations work seamlessly with your existing on-prem and cloud directories, like Microsoft Active Directory, LDAP, Workday, and more.
OneLogin’s Single Sign-on (SSO) platform gives users one-click access to all their apps, in the cloud or behind the firewall, anywhere and anytime. With an extensive app catalog and a secure portal, users can always see and access their apps.
It’s all about secure authentication. OneLogin adds multi-factor authentication (MFA). Implement personal security questions, biometrics, OTP, pins, and more. You define the rules, OneLogin enforces them.
OneLogin’s SmartFactor Authentication uses machine learning for state-of-the-art MFA. It takes context into account, like location, IP addresses, and time of day, to identify and challenge abnormal login attempts.
Identity and lifecycle management
With OneLogin’s identity management, provision users easily and automate onboarding/offboarding. Connectors integrate OneLogin with your on-prem and cloud directories with real-time synchronization. Streamline entitlements through powerful rules to enforce intelligent access policies based on user location, role, privilege level, and more.
Reporting and intelligence
Stay compliant with sophisticated reporting and a centralized audit trail. The information you need to meet compliance requirements or assess cyber threats is at your fingertips. No more coordinating with multiple systems and people for reports. OneLogin’s dashboard is supplemented by a state-of-the-art reporting engine for drilling down to users, apps, and events.
An identity solution that isn’t extensible isn’t a scalable solution. Built to be developer-first, OneLogin’s API is based on RESTful principles, secured by OAuth 2.0, and provides JSON messages, search, pagination, sorting, and filtering. With OneLogin, you can integrate your custom apps and third-party apps, and extend the system to fit your workflows.
Learn More: https://www.onelogin.com/product
What is identity and access management: https://www.onelogin.com/learn/iam
User Review - Five Stars
I like how easy it is to protect enterprise applications by leveraging SSO and OneLogin's MFA capabilities. There are so many pre-configured applications that do all the legwork for you, that you don't have to wrestle with the XML metadata files. Even when you are using an app that is not part of their pre-configured app catalog, they are incredibly responsive to adding it into the catalog. They also provide a mechanism where you can manually setup a SAML integration.What do you dislike?
Mapping rules can get scary when you have complex logic you are trying to maintain. The mapping rules' simplicity is a double-edged sword. On the one hand, it doesn't take a lot of brain-power to figure out what each individual rule does, but if you are looking to have complex branching logic, it is a little like programming in assembly: doable, rock solid when you do it right, but difficult to trace through at times.Recommendations to others considering the product:
OneLogin understands the needs of higher education. They recognize the need to partner with their users to continually improve the product. They make every decision with security as a priority concern.What problems are you solving with the product? What benefits have you realized?
Unified identity, user provisioning, and account security were the three main problems that OneLogin has solved for us. We have reduced our account compromises by an order of magnitude since adopting mandatory MFA for all our accounts.
User Review - Four and Half Stars
With onelogin we are able to connect cloud apps and our own apps in a simple and easy way. Together with the professional support of onelogin we can connect easily the most apps we have and with some support from professional onelogin service provider we can also connect our SAP and specific apps.
We then used the onelogin API to develop a customer specific authentication which was quit easy and fast forward.What do you dislike?
In some cases we have trouble with the office 365 connector which should be improved by onelogin. The integration of 3rd Party 2nd factor authentication should be easier than today.Recommendations to others considering the product:
Try onelogin and you will be satisfied about the possibilitiesWhat problems are you solving with the product? What benefits have you realized?
We use onelogin to:
- connect cloud apps like Jira, Confluence
- on premise solutions based on Hybris, SAP
- we connect onelogin to SAP PO Layer to get customer data
- integration of enterprise user with the active directory connector