- Strengths & Weaknesses
- Alternatives for OneLogin
- OneLogin User Provisioning, Identity Management and Onboarding
- OneLogin Features Overview
OneLogin is a single sign-on (SSO) and multi-factor authentication (MFA) service. Able to integrate with a multitude of applications, OneLogin offers a streamlined way for users at your business to quickly access apps for different projects and day-to-day operations. That said, OneLogin’s targeted focus makes it a bad candidate for our best password manager list.
In this OneLogin review, we’re going to detail our experience after spending some time with the service. We signed up for an account incognito — as any user would — to evaluate its features, security, pricing and more, all to arrive at our verdict.
As a service focused on enterprises, OneLogin is excellent, though it comes into its own only when the user count gets high. For small businesses, there are far better options, such as Dashlane and 1Password, both of which made our guide for the best password management tools for small business. Read on for our full thoughts or skip to the end of this OneLogin review for our overall rating.
Strengths & Weaknesses
- Deep user control
- Automated user provisioning
- Solid security
- Large range of supported apps
- Vigilance AI & SmartFactor Authentication
- Excellent support resources
- Better suited for large businesses
- Forced minimums
- Few features for small business
Alternatives for OneLogin
At its core, OneLogin is a single sign-on service, though that’s just one aspect of the overall security package it offers. The OneLogin Trusted Experience Platform, as it’s called, provides everything your business needs to interact with digital platforms, including MFA, identity management, automation and more.
The central feature of OneLogin is its cloud directory, which is built to integrate directly with existing cloud directories, such as Microsoft Active Directory, LDAP and Workday.
In your directory, you can configure apps so that users across your business have one-click access to them. Although OneLogin doesn’t support every platform, it offers an extensive list, with everything from productivity apps to marketing and advertising services.
Rounding out the basic service is MFA, which allows you to implement security questions, biometrics, one-time passwords and more to enforce strict security standards. OneLogin even has something called SmartFactor Authentication, which uses machine learning to identify fraudulent attempts to log in. We’ll talk more about that in the “security” section below.
OneLogin User Provisioning, Identity Management and Onboarding
OneLogin’s core service is solid, but its range of user management features are what stick out most. To ensure everything runs as smoothly as possible, OneLogin has automated user provisioning. Using identity and access management (IAM), you can import and automatically assign roles to users for your different apps.
You can have custom roles and attributes, too, and automatically assign those attributes to users as you add them. For instance, if you want to assign a user to a particular group within one of your applications, you can do so using entitlement mapping and custom attributes, all automatically.
In features and pricing, it’s clear OneLogin is focused on large enterprise applications. Although the ease of use is enough of a sell for even small businesses, larger outfits will be able to fully harness OneLogin’s power. It’s clear that the development team thought about everything that makes larger businesses run smoothly.
OneLogin Features Overview
|Backup and recovery|
OneLogin has three plans available, each of which are priced per month per user. Those aren’t your only choices, however. Although the Starter, Enterprise and Unlimited plans fit the bill for most businesses, you can contact OneLogin to customize a plan that fits your needs.
Beginning with the preconfigured plans, OneLogin adds new features as the price increases. The Starter plan, for example, comes with SSO for all apps and standard support, while Unlimited comes with identity management, MFA and policy-driven security.
Outside of the price, the minimum number of users is different for each tier, too. Though, it’s not different in the way you might suspect.
OneLogin actually requires a higher minimum user count on its lower tiers, with Starter requiring at least 25 users. If you’re a small business looking for SSO and only have a few employees, you’ll need to spend a lot more to get started.
Using the minimum number of users, Starter costs at least $50 per month while Unlimited sits at $40. If you only have five users and need basic SSO, you’ll need to pay nearly the same price as 25 users on the Starter plan.
Although we understand user minimums, OneLogin has its pricing set up so that you’re always paying at least $40 each month, regardless of the number of users you need or the plan you choose.
Even so, OneLogin is inexpensive as long as you meet its thresholds. There’s also a 30-day free trial available that gives you access to desktop and mobile SSO, custom reports, MFA, security policies and more. Even better, you don’t have to put down a credit card to give it a shot.
OneLogin Custom Plans
If you have a company size of 5,000 or more, or if you need only certain services, you can contact OneLogin directly for a quote. Custom plans can consist of as little as MFA for a business VPN, or as much as OneLogin access, risk-based MFA, the OneLogin desktop application and more. Like the Starter, Enterprise and Unlimited plans, however, there’s a minimum.
You need to spend at least $1,200 annually for a custom solution. Although OneLogin doesn’t provide any pricing on its site, that should give you an idea about what to expect. Additionally, OneLogin has higher education pricing, which, like custom solutions, is provided through contact only.
OneLogin is very much an enterprise-focused service, with multiple products and use cases scattered along the top menu. Despite being dense with information, there’s never a question about how to sign up, like there is with LogMeOnce (read our LogMeOnce review). The large “try now” button will get you started.
You can try OneLogin for your business risk-free for 30 days (it doesn’t even ask for a credit card). Filling out the form is simple, but you’ll need some basic business information to gain access. OneLogin asks for a work email, work phone number, your title and the number of employees at your business.
After verifying your email, you’ll need to set a master password (OneLogin requires at least eight characters consisting of letters and digits). We hit a small snag when trying to log in, though. OneLogin asks for a user ID after setting your password, which is actually your email. If you enter a different username, you’ll get an “invalid password” pop-up.
Adding Applications and Users in the Admin Panel
Once you’re booted to the admin dashboard, OneLogin will present you with a few beginning steps. That includes adding applications and users, and assigning those applications to users.
The process is surprisingly simple, despite the breadth of options that are available in OneLogin’s dashboard. When you’re starting, there are multiple pop-ups that help the process along.
Adding a new app is simple, with OneLogin organizing its long list of supported platforms into categories (and thankfully providing a search bar). Once you find the app you’re looking for, you can customize a few aspects of it, including the display name, the icons and if the app is visible in your business’ portal.
With your apps added, it’s time to add users. OneLogin gives you a lot of options when it comes to adding users and dealing with their access. You can set roles within your organization, organize users into groups, automate user features and even generate a self-registration area.
For businesses large and small, OneLogin gives you full control over how you add users to your account.
You can do a lot more in the admin panel, including configuring a business virtual private network and monitoring the activity of your users. OneLogin gives you the same level of control as a tool like Zoho Vault (read our Zoho Vault review). However, it never gets too overwhelming, meaning anyone can harness its power.
OneLogin in Practice
Although most of OneLogin’s features are in the admin panel, you likely won’t interact with it on a day-to-day basis. OneLogin features a web interface where you can add new personal apps, as well as view apps that are applied across your organization. In this dashboard, you can actually set the logins for each of the apps connected to your account.
Additionally, OneLogin provides a desktop application and browser extension. The latter is most useful for day-to-day usage, allowing you and the users on your account to easily log in to applications. There are mobile apps for Android and iOS, as well as a free OTP app for mobile, too.
OneLogin isn’t a password manager, per se, so it doesn’t have many of the security measures that personal password management tools do. Of note, it doesn’t have a zero-knowledge model. Although your information is secure, OneLogin has safeguards in place to protect against a forgotten password.
As for encryption, OneLogin protects your account with AES-256, which, as you can read in our description of encryption, is the strongest stuff you can get. Encryption isn’t the concern with OneLogin, however. It’s how your employees interact with the service.
Vigilance AI and SmartFactor Authentication
OneLogin has two proprietary features that relate to security. The first is Vigilance AI, which uses machine learning to identify risks and detect threats before they can affect your accounts. Using data from your internal usage and normal usage statistics from third parties, Vigilance AI is able to create a profile for your standard use.
Although no AI is perfect, Vigilance is solid. Taking data not only from machine learning, but also from your own custom rules, OneLogin is able to detect most threats while not interfering with day-to-day operations. Vigilance AI’s contextual analysis directly feeds OneLogin’s other proprietary MFA security feature, SmartFactor Authentication.
MFA is a core feature of OneLogin, allowing you to use a range of additional factors to keep your accounts secure. However, those factors have a check against them. OneLogin uses its machine learning algorithm to understand the context behind any single login. That includes the network, device, standard time of day, geographic location and more of the attempted login.
Vigilance AI and SmartFactor Authentication operate in the background. However, using the event log, you can view all of the activity on your account and the corresponding risk score of any particular action. That way, if the AI is being too heavy-handed or not blocking enough, you can adjust your custom rules accordingly.
As is the case with most enterprise-focused services, OneLogin offers a wide range of support resources and contact options. Although there are plenty of self-help options if you run into trouble, OneLogin stands out with excellent learning resources, helping admins and employees get up to speed on how the service works.
Starting there, OneLogin offers “customer enablement” sessions, which are 15 to 30 webinars that provide the core information about how OneLogin functions and what it can do for your business. Although registering and attending one of these webinars live is the best way to go about things, you can view them on-demand, as well.
If you want to go deeper, you’ll need to head to the resource center, which is available from the homepage of OneLogin’s website. In addition to information about current best practices and cybersecurity news, OneLogin offers a breadth of resources for masking its platform and ensuring your accounts stay secure.
That includes a range of ebooks, technical whitepapers, infographics, analytic reports and even open-source SAML toolkits. Furthermore, all of this information is provided whether you have an account or not.
When It Becomes Time for Support
OneLogin definitely frontloads its support resources. When it comes time to solve problems for existing customers, it does a decent job, though it doesn’t support nearly as many resources as it does for prospective and new customers.
For contact options, you can call OneLogin for support after you’ve purchased a plan. Although that’s the prefered method, we would’ve liked to see email support, too. Frustratingly, OneLogin offers email service for sales inquiries, but not for technical ones.
Thankfully, there are a lot of self-help resources in the knowledgebase, though they’re not organized as well as the material in the resource center.
Still, the knowledgebase goes deep, with nearly all topics receiving a handful of screenshots and some even video tutorials. If you have any questions about how OneLogin or how to configure it, the knowledgebase is the best place to look.
Although we would’ve liked to see more contact options, it’s clear OneLogin has put in the work so that contact is a last resort. The self-help resources are excellent through and through, with support for pre- and post-sale customers. However, we would’ve liked to see live chat or, at the very least, email support.
OneLogin is a solid SSO and MFA service, though it’s far better suited for large businesses than small ones. In addition to minimums across its tiers, OneLogin’s feature list is focused on automation, user permissions and onboarding/offboarding. Those features all lend themselves to outfits that need SSO for a long list of users and a simple way to manage it all.
If that fits the bill for you, however, there are few other services that offer as much as OneLogin does. On top of the features for large outfits, OneLogin is extremely easy to use and highly flexible, allowing it to easily fit into any business.
What do you think of OneLogin and this OneLogin review? Are you going to give the free trial a spin? If you use OneLogin, let us know in the comments below and, as always, thanks for reading.
- OneLogin is an IDP, though if you use the service, you can use an external IDP, too.
- OneLogin is a single sign-on (SSO) and multi-factor authentication (MFA) service for businesses. The service integrates with a wide range of applications, allowing users to sign on to business applications with no more than a mouse click.