We use OneLogin for single sign-on to provide a consistent user experience with our in-house and external third-party applications. In addition to single sign-on, we use two additional modules: two-factor authentication and self-service password reset. It's a SaaS product.
OneLogin by One Identity OverviewUNIXBusinessApplicationPrice:
OneLogin by One Identity Buyer's Guide
Download the OneLogin by One Identity Buyer's Guide including reviews and more. Updated: March 2023
What is OneLogin by One Identity?
OneLogin by One Identity is a cloud-based identity and access management service that enables customers to protect their most prized assets – their people, their identities, and the information they create – whenever, wherever. OneLogin provides everything you need for a modern identity strategy that is smart and secure, and offers a seamless experience for your employees, customers, and partners. With OneLogin, you can connect all your applications—in the cloud or on-premises—in one centralized location. Additionally, OneLogin provides advanced functionality by leveraging machine learning to deliver smart, context aware, and on-demand threat intelligence that learns about your users and your business as it continues to grow.
OneLogin by One Identity was previously known as OneLogin, OneLogin Workforce Identity.
OneLogin by One Identity Customers
Uber, Noom, Evernote, Sony, Petco, airbnb, Stitch Fix, Pandora, City of Charlotte, Florida State University, Airbus, Japan Airlines, Aetna, Compass, AAA, PennyMac
OneLogin by One Identity Video
OneLogin by One Identity Pricing Advice
What users are saying about OneLogin by One Identity pricing:
OneLogin by One Identity Reviews
Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
- Date
- Highest Rating
- Lowest Rating
- Review Length
Search:
Showingreviews based on the current filters. Reset all filters
IT Director at Florida State College at Jacksonivlle
Staff and students can now reset their passwords using their enrolled two-factor device as the authentication mechanism
Pros and Cons
- "In my role, the most valuable features are two-factor authentication and self-service password reset. The most helpful feature for the institution as a whole is probably the single sign-on. As an IT director, I care about security and ease of use."
- "We've been experiencing some pain points since the acquisition. For example, there have been some outages we didn't see previously, which are a big topic with my executive team. You have hundreds of applications relying on this service for login. If the service is unavailable, nobody can log into these applications."
What is our primary use case?
How has it helped my organization?
Previously, users constantly had to log in with their user ID and password. It was the same user ID and password for all these applications, but they had to authenticate when they used all the applications they needed to use daily, whether they were an employee or a student. They would authenticate into one application and bounce over to the next to log in again. That's a huge benefit that the organization is leveraging with OneLogin.
The other benefit is that we've reduced calls to our help desk for password resets. Staff and students can now reset their passwords using their enrolled two-factor device as the authentication mechanism. In the past, we were using secret questions through a self-service portal. Inevitably, they would forget their answers or type them wrong. It just wasn't user-friendly.
We're always onboarding new students, and we can set a default profile. Each student has access to a default set of applications, but when they enroll in a class, they might get access to other applications. They're active students, and all that is happening dynamically. We use data feeds from our student integration system to determine student roles and access to applications. We don't need to do that manually. OneLogin can set up those mappings for us automatically based on their enrollment.
It helped us manage our growing user base because we can use data from our SIS and HR platform to drive secure access to applications. Before this, we didn't have the capability. Either everybody got it, or we had to provide access through a request to our service desk manually. I won't say these requests have been eliminated. Still, they have been drastically reduced because we can pull that data feed from those two record systems to provide some access, reducing the workload on the systems and the security team.
With OneLogin, we use the same validator as our login: an authenticator application or a text message. That same two-factor authenticator is used for the password reset. We've significantly reduced the number of trouble tickets and tier-one service desk calls because everyone can reset their own password.
The adoption rate is high because we don't give users a choice. When we add new applications to our portfolio, IT is part of the process on the procurement side. When reviewing a request for an application, one of the first features we look at is the single sign-on capabilities. Do they do SAML? Do they do open ID?
We approve the purchase if all those features check out because we can connect third-party applications for single sign-on. IT is part of the first step. They don't get a choice on the front end of it. IT ensures the application can meet the requirements. We protect that app with two-factor authentication.
We allow a little flexibility on user enrollment in 2FA. It requires some custom development work to make this happen because the functionality isn't native to OneLogin, but we allow a grace period for students to enroll. We didn't want to force enrollment on them right out of the gate. Brand new accounts are required to enroll. We wanted to prompt them, "Hey, here's what you need to do. You need to enroll in two-factor authentication. You have 30 days to enroll in it. Here's a tutorial telling you how you enroll." They can enroll at their leisure.
After 30 days, you don't get any more opportunities. You're forced to enroll. You can't log into any system until you've enrolled in two-factor authentication. We force it on them, but we give them a little time to ensure they have an appropriate device and they've read through the knowledge base to learn how to do it.
Before OneLogin, we had some SSO in place. It was all custom-developed integrations by our in-house developers, but it was never the same. We had a custom SSO for each vendor. By adopting OneLogin, we could reduce the development time. It's not the developers' job anymore. That responsibility shifted to my systems integration team. It reduced the manual effort needed to provide a single sign-on experience. Now we have a true single sign-on experience with few onboarding requirements for connecting to third-party applications with OneLogin because it uses a standard like SAML or Open ID.
These days, more students and staff are working remotely. They still have the same experience they had on campus, but we're protecting their accounts with 2FA. The world was told to work from home at the pandemic's start. We didn't have two-factor before that, so COVID was a significant factor driving the push to make this mandatory for all our staff.
We do not control the network they're on, but we see authentications happening all over the place. People weren't just staying in their city anymore. They traveled to some extent after restrictions were removed and logged in from all over the country. How do we validate that these accounts weren't compromised? The two-factor helped the security side to ensure these authentications are legitimate. At the same time, they provided a secure environment for telecommuting. They won't be denied access to those systems because their account was compromised.
I believe we've saved money, but I'm not sure I can quantify it. In August, we'll review our help desk tickets for password resets. That's one area where I think we'll save money because our calls have decreased. I don't know how much they've declined, but our call volume should be down.
We can also review our application use through the OneLogin portal, which could save us some money on under-utilized licenses. For example, we might have 100 licenses for an application, but only 25 users access it annually. It gives us the data on who's using the application and how frequently to help us make these decisions. That said, we don't have that data yet to quantify how much we're saving, but we will review it after using the platform for a couple of years. As the contracts start coming up for renewal, we can use that data from OneLogin to renegotiate better contracts with vendors.
What is most valuable?
In my role, the most valuable features are two-factor authentication and self-service password reset. The most helpful feature for the institution as a whole is probably the single sign-on. As an IT director, I care about security and ease of use.
OneLogin provides a single pane of glass for events that happen within our organization on applications that are connected. We can see logins, sign-outs, password changes, two-factor prompts and failures, failed logins, etc. It's a crucial feature. We scraped those logs and sent them to our SIEM and SOC to look for anomalies and vulnerabilities. Having them in a central place in OneLogin streamlines that process for us.
We want to review those logs proactively. In addition to OneLogin's risk analysis, we want to pull it into our SOC and have them take a deeper look. They pull in additional data points to see anomalies in OneLogin, Office 365, and the network. They can piece together some events that we need human eyes on. Having them in one spot makes it easy to get to that point.
We use Webhooks for two items. One is the enrollment grace period. The other one is to capture data in our SIEM for our SOC to review. Those are two development Webhooks that we're leveraging. We still run some custom items on our servers to leverage those Webhooks. One is the enrollment grace period. Webhooks can use the data from OneLogin and manipulate it on-premise. That's invaluable. We could not have done our enrollment process without that Webhook. It wouldn't have been as nice of an onboarding experience for our users. It would've been more troublesome for them.
Webhooks freed up a tremendous amount of time. We looked at it from the perspective of maintaining this long-term. Enrollment in 2FA isn't a one-and-done. We have students coming every day. It's not like we're done once we get everybody enrolled. Our onboarding is never-ending. There was no way we could maintain that on a user-by-user level. It was going to be a manual process. Webhooks allowed us to provide that pleasant experience without needing to manage this in the future.
We didn't initially have SmartFactor when we started the contract, but we saw the value. We don't feel comfortable prompting our users to validate using their two-factor enrolled device each time they log in. We only use SmartFactor when a change in user behavior is detected. For example, maybe they're logging in from a new device or an IP address the system hasn't seen before, which raises their risk score. That's when we prompt for that authentication, for that two-factor authentication.
If you're sitting in your office and logging into the same computer simultaneously from the same IP address, there's no need to keep prompting you for the two-factor authentication throughout the week. We only ask for it when something changes. For example, if you take your computer to a coffee shop, you will get prompted because that's unexpected user behavior that the system hasn't seen.
It's a good compromise between security and usability. We haven't moved to password list technology, but OneLogin has the capability. We still require a user ID and password as the front entry, followed by two-factor authentication as the validation that you are who you say you are.
It has a risk score based on user behavior anomalies, like login location, time, and device, usability and security, and more. There's a good balance. The two-factor authentication offers protection, but we don't want to bombard you with two-factor prompts when you're just trying to do your job. We only want to do it when something has changed about your login behavior.
We use the OneLogin Desktop feature in a limited capacity for some self-service kiosks around the organization for payment stations. Students can make payments using a single sign-on via the desktop. Because the application is doing authentication behind it, we haven't extended the OneLogin Desktop to staff or student desktops. One of the main reasons is there's not a great way within the service portfolio that OneLogin has to use the desktop but pick and choose what applications will do single sign-on.
What needs improvement?
We've been a OneLogin customer for several years now. While I like the platform, there have been some challenges. A great example is the amount of work needed with that webhook for the enrollment user experience. This functionality is native to some competing products. That's one area where we've leaned on our account rep over the years. They shouldn't rely on the customer to make this experience better. This is one feature request that hasn't been implemented yet.
At the same time, they've implemented other features we've requested. One is the ability to use a personal email address as a factor. Initially, they didn't have that. We pushed hard on our account team for about two years before it was finally released.
It's a give-and-take. Some of the product's features aren't perfect, but we've had some success pushing fixes to the development team that needs to happen. They've done a decent job. However, there are some fixes that they don't have an interest in. A lot of what I described was before OneLogin was acquired by Quest/One Identity. Things have changed. It doesn't feel like they're driving the product as OneLogin was. It may be because it's a new product to them, and they're still trying to get the lay of the land, process feature requests, etc., but it's not moving as fast as before.
We've been experiencing some pain points since the acquisition. For example, there have been some outages we didn't see previously, which are a big topic with my executive team. You have hundreds of applications relying on this service for login. If the service is unavailable, nobody can log into these applications. The issues have high visibility. It's gotten better, but it's still there. It raises questions about whether One Identity can support the platform they've acquired. How are they enhancing the product? And how are they supporting the product and the service in the future? Those are two essential questions. There are also lots of nice-to-haves, but that's the case with any product.
Buyer's Guide
OneLogin by One Identity
March 2023

Learn what your peers think about OneLogin by One Identity. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
687,256 professionals have used our research since 2012.
For how long have I used the solution?
I have been using OneLogin since 2019.
How are customer service and support?
I rate OneLogin's support a seven out of ten. My evaluation of OneLogin's support depends on whether we're talking about before or after the acquisition by One Identity. Initially, we didn't have any problems. They were quick to respond, and it was easy to get ahold of them. When we first started using OneLogin, I would rate the support a nine out of ten.
We've experienced some pain points since the acquisition. When we had a service outage, we had trouble getting through to someone. They're trying to streamline this and provide customers guidance on communication channels. At one point, their phones were offline when they had an outage. Their tier-one support portal to escalate a ticket was unavailable. It was the perfect storm. That was a terrible experience.
Since then, they've tried to break some of those dependencies, so you can log into the portal when there is an outage. They've updated their status page, so it isn't dependent on the rest of their services. It is getting better. One of our challenges is determining whether an issue is a feature request or a bug. Our account manager tells us something is a bug, while the support staff keeps telling us it's a feature request that will be on the roadmap. Indeed, it's a bug that needs to be addressed. It's an issue. The product's not doing something, and we're not asking for something new. We've had to get our account manager involved a couple of times in that scenario. I can think of two cases we've had for that.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
In 2017, we bought a product that seemed like it would solve all our problems on paper. It was going to be the greatest product ever. However, when it came time to implement it, we learned that the product we were promised didn't exist. It was a challenge to get everything to work. It took us six months to onboard a single application for single sign-on. That is no exaggeration. When we moved to OneLogin, we could onboard that application in minutes.
We purchased another product, but we ultimately realized it wasn't a good fit for us as a customer or for them as the provider. They were just as frustrated as we were that they couldn't perform to our level of expectations even though we're talking about a basic core service they couldn't provide. Before that, everything was developed in-house. We had custom-developed solutions to make single sign-on work.
How was the initial setup?
Setting up OneLogin is straightforward. Their onboarding is streamlined, and the onboarding engineer was knowledgeable of the product. We were up and running on our basic apps quickly, and they were responsive during the onboarding process. We had a nice onboarding experience with checklists as we went through and got the service operational. The onboarding experience was great.
We had three system admins from our organization. It was me and two of my employees. After deployment, it requires little maintenance. We use the product rather than maintain it. We add new applications to the portfolio, look at the logs, and check in on some of the processes that we built around it.
What about the implementation team?
We worked with an implementation consultant, a professional services manager, and an implementation consultant from OneLogin. Once our contracts were all signed, we had our account manager who brought in the onboarding engineer. We scheduled regular calls with that onboarding engineer to work through a checklist of what we needed to do to start leveraging the service in production.
What's my experience with pricing, setup cost, and licensing?
I don't know what will happen at the end of my five-year contract. It's no longer purely OneLogin. Now it's OneLogin by One Identity, so I don't know about their current pricing model. Price was a deciding factor when I bought the product several years ago. When we compared products, OneLogin had a price advantage over similar services. However, we found that their competitors could do things OneLogin couldn't.
We were happy with the price we got when we signed up, but I don't know what will happen when the time comes to renew because it is a different company now. We haven't seen any pricing models or had that discussion yet. My renewal is a year and a half away. It's worth what we're paying for it. There's no way we could provide the level of service for cheaper or try to do the same in-house.
Which other solutions did I evaluate?
We evaluated some of the competitors in the market and got a recommendation from another college in our state that we work with on other projects. They were using OneLogin and gave a glowing recommendation. That's how we ended up finding OneLogin and doing a demo. We also talked to some similar service providers out there.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Feb 8, 2023
Flag as inappropriate
Director of IT at a venture capital & private equity firm with 11-50 employees
Great pricing, saves costs, and doesn't have a big learning curve
Pros and Cons
- "It's super useful to have a single pane of glass when it comes to access management."
- "I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera."
What is our primary use case?
We use it primarily as an identity provider. Beyond that, we use the SSO and SAML components. Additionally, we utilize their SmartFactor Authentication to prevent dictionary attacks. This is an additional security measure.
How has it helped my organization?
We needed the solution primarily as an identity provider. We needed something that was cloud-based and not Microsoft-based. We were primarily Mac users and still are to a large degree.
It has helped with compliance and instituted a security measure that isn't very common with other solutions, at least not that I've seen, like putting MFA or second-factor authentication before the password prevents dictionary attacks. Dictionary attacks are when people try to access a given site, whether we SSO or SAML to it or directly to OneLogin itself to gain access to any of the company services. Putting MFA first prevents people or external threat actors from trying to get someone's password and getting access that way. They need that second authentication before they can even type in their passwords.
What is most valuable?
Given that cybersecurity is the client's concern, SmartFactor Authentication has been really handy in checking off some of those boxes.
It's handy that the desktop feature enables users to log in once and have access to all apps and their OneLogin portal. It's useful to have, especially since it’s centralized, since there's MFA protecting it, and since there are various layers of security there. I would say it's impactful. It's something that we needed.
The adoption rate of the solution in our organization is primary. You can't get access to email without going to OneLogin. In that regard, it's a good thing. We need it and we want it. We're essentially enforcing it and everyone has to use it.
The solution provides us with a single pane of glass for access management across our organization. There are some applications outside of it and that's not really OneLogin's fault. They don't offer SSO or SAML.
It's super useful to have a single pane of glass when it comes to access management. It's great to have everything in one place. It's great to have all the logs there in one place. It's easy to see who accesses what. Especially today, there are so many different systems. Keeping everything in one place makes my job easier.
We have not used Smart Hooks to create custom workflows and integrations.
OneLogin work identity helped to free up our time. It seems like the whole onboarding process, offboarding process, and security are easier.
I'm the primary IT guy. We have a third-party consulting firm as well that helps us out, however, anytime I have to onboard or offboard someone, it makes it so much easier.
The solution affected our experience when working remotely. It made COVID pretty much a breeze. We were not impacted at all in any way. We wanted to structure ourselves that way, to begin with. We didn't want to rely on any on-premises technologies in case there were issues. Any of our users can work from anywhere and that's something that we wanted to do from the get-go. We've definitely been able to do that thanks to OneLogin.
The solution helped save money for our organization, either by optimizing time-intensive processes or by increasing productivity.
It’s hard to say, money-wise, however, definitely with time, it’s saved us incalculable amounts of time. Just having a single place to go to onboard or offboard users makes the whole process a whole lot easier. I tend to deploy licenses, at least from Microsoft, automatically from OneLogin for users. I don't have to go into each separate app and create their account there. I don't have to worry about passwords or MFA for any of those services. There are just tremendous amounts of time saved all around.
What needs improvement?
We use the solution SmartFactor Authentication to adjust authentication flows in real-time, depending on the risk score associated with the login attempt. I honestly haven't found that as useful. It's helpful, however, I've run into an issue where it blocks people from signing in. Essentially, if I'm not paying attention to such and such person failed to log in, it doesn't seem like there's an easy way to alert the admin, "Hey, this person was blocked from signing in and cannot sign in at all," even if they're attempting a legitimate sign in. Therefore, while we do utilize it, we keep it at the highest level, just so that if users are traveling, they will not be bothered most of the time by it.
For now, the only thing that needs to improve is the support. I used to have a really good support experience. I'm not sure now that they were acquired by One Identity, it seemed like that changed. It could just be growing pains, however, I feel like their support lately needs some improvement. The product itself works great.
I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera. That would definitely help.
For how long have I used the solution?
As a company, we've used the solution for well over four years, however, I've used it for four years exactly.
What do I think about the stability of the solution?
Lately, I've been a little disappointed with the stability. We had a few outages recently. I don't know if it was two or three. I do know that they went on for hours. The users couldn't SSO into their sites or apps, and that was a bit unexpected, to be honest, one, that we had an outage like that, and two, that it took so long to resolve.
What do I think about the scalability of the solution?
It's highly scalable. We use it pretty much wherever we can. I like that about it. Even though we don't use the desktop product, that has huge potential as well.
How are customer service and support?
I would've given support really high marks earlier. However, it's not as good anymore. I've submitted a couple of cases that kind of helped me, however, the support staff that I spoke with were not super helpful for one of the cases. They never responded and I didn't feel like following up as I just didn't know if I would get the response I wanted or that I was looking for.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I did not use a different solution previously. I have used Okta elsewhere and I like it. I've used AD as well back in the day, however, OneLogin and Okta are a step ahead.
How was the initial setup?
I was part of the initial setup. It's been a while now and it is more straightforward. Initially, I needed to get used to the product and figure out where everything is more than anything. I wouldn't call it that complex. The documentation has been getting better, so that definitely goes a long way. I wouldn't describe the setup as too complex. There's a learning curve, however, it's not super high. For the most part, you can find where things are in the various different menus.
We deployed the solution using two or three IT staff. We're a smaller company.
There are around 45 to 50 end-users. Endpoints were around 75 to 80. We do have a variety of different teams, some of which use different software or different applications. We do have a lot of remote users and it has worked flawlessly for them for the most part work. We've had contractors use it and it has worked flawlessly there also. It's pretty robust and pretty simple to set up new users and give them access to whatever they need.
The solution requires occasional maintenance that is done internally. We look through the logs or look through access.
What about the implementation team?
We did not use an integrator or reseller or consultant for the deployment of the solution.
What was our ROI?
I would say we have seen an ROI, especially in terms of time for IT, time, and security.
What's my experience with pricing, setup cost, and licensing?
The pricing is great and competitive. It's right around where Okta is, and maybe a little cheaper. I
Which other solutions did I evaluate?
I came into the company and they were already using it. I didn't see a need to change. I know Okta is growing alongside OneLogin. However, I haven't really seen a need to change.
What other advice do I have?
We do not use OneLogin desktop feature to extend SSO and Mac OS or Windows machines. I am considering it, however, I know there are also other offerings. We utilize Kandji for Mac MDM and I'm considering trialing that. As far as Windows goes, we have Intune set up and they do SSO. There's no need for a OneLogin client on their desktop. We had that set up before the OneLogin offering, so we just kept to it as is.
We have not used Smart Hooks to create custom workflows and integrations. We use various clouds for our deployment, including Microsoft and Google.
I'd rate the solution overall an eight out of ten. The biggest factor for me from giving it the highest score right now is the support.
The ease of use as far as deploying the users or connecting fast applications is straightforward. Sometimes you do require the help of documentation, however, when you do, the documentation is there and it is thorough. It's a lot more straightforward than something like Active Directory, however, it's not really an apples-to-apples comparison.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Google
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Jul 14, 2022
Flag as inappropriateBuyer's Guide
OneLogin by One Identity
March 2023

Learn what your peers think about OneLogin by One Identity. Get advice and tips from experienced pros sharing their opinions. Updated: March 2023.
687,256 professionals have used our research since 2012.
Manager, Information Technology at a hospitality company with 51-200 employees
Easy to use, maintenance-free, and helps us to provide a better user experience
Pros and Cons
- "The most valuable feature is the ease with which we can manage the sign-on feature."
- "This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users."
What is our primary use case?
We use this solution predominantly as our authentication provider for most or all SAML single sign-on services. We also use it as a tool to share passwords between users that need to have a centralized password database.
They are the authentication provider but we use it for multifactor authentication as well.
The service we use is where the users are on-premise with the network, then they bypass any single sign-on features. It just logs in.
We have six locations that are all connected by WAN VPN tunnels. Active Directory is being used to replicate the user accounts, and that replicates up to both Mircosoft, which is our primary single sign-on solution, and then to OneLogin. We use Microsoft for email, SharePoint, etc., and we use OneLogin as the authentication provider currently for that.
How has it helped my organization?
This product has removed barriers for users to log into multiple services, so it provides a better user experience.
Although this solution hasn't meant a reduction in the number of IT staff, it's provided easier management capabilities for them.
What is most valuable?
The most valuable feature is the ease with which we can manage the sign-on feature.
We use the SmartFactor Authentication to adjust authentication workflows in real-time, and we haven't had any major issues with the experience that it provides. Users like the fact that they're not prompted all of the time, however, if they are prompted when there is some kind of concern then it makes them happier from that perspective. Some of our users forget they even have multifactor authentication because they don't necessarily get prompted for it often. That can be a challenge sometimes but overall, it's a good solution.
Using OneLogin has improved our user experience for employees working remotely. It provides a more streamlined approach to securing those features.
What needs improvement?
This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users. It does with regards to single sign-on solutions but there are other non-single sign-on tools that we utilize. For example, we use LastPass for some of our services because it allows us to share passwords with external vendors.
This solution needs to offer better management of non-single sign-on applications. It should offer the ability to provide secure password management, with either an external party and/or better sharing.
In that same bracket, it would be nice to have password management where the websites or the tool requires two-factor authentication. In LastPass, you can support the one-time password if it's embedded into the LastPass profile for that application, which means that multiple users can use that from within LastPass. Having that feature and being able to do that in OneLogin would be huge.
For how long have I used the solution?
I have been using OneLogin by One Identity for at least six years.
What do I think about the stability of the solution?
It's been very stable up until recently. During the last three months, there's been a couple of pretty big outages that have affected my user base pretty heavily. This is because everything we do is through Microsoft, and people couldn't log into anything.
Also, not just our Microsoft solution but our financial package, et cetera is all done through single sign-on, so I had pretty much a dead workforce for a day, which is pretty significant. But other than those two times, I haven't had any other outages.
What do I think about the scalability of the solution?
This product is highly utilized in our environment. Adoption of this solution is forced in our organization, so the users don't get a decision on the matter.
How are customer service and support?
The technical support team is responsive. They are good.
I would rate the technical support and eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Prior to OneLogin, we used AD FS.
One problem with AD FS is that it's very costly. We had to spin up virtual servers to accommodate it, and it wasn't as flexible in creating new applications with single sign-on.
Also, OneLogin lets you provide other features whereby you can manage all of the applications that aren't single sign-on, and SAML-specific. It's a bit of a different tool. It provides me with all of the things that AD FS produced or utilized, but it added on other features which have helped with single sign-on, multifactor authentication, and access to other password tools.
We use several tools including LastPass and Microsoft Azure Single Sign On.
The reason that we use LastPass is that it allows us to share passwords with external users. We use Microsoft Azure for some services because it's more of an automated stream and flow, for the way that our Active Directory is set up.
We have multiple tools but OneLogin is our primary one.
How was the initial setup?
The initial setup is pretty straightforward for people that understand single sign-on and how to set that up. There isn't anything that's particularly complex.
It is a SaaS solution and it replicates from an on-premises Active Directory.
What about the implementation team?
I handled the deployment myself, so only one person is required.
What was our ROI?
I haven't specifically calculated ROI for this product. Although I would say that we need to have a tool that does this, whether OneLogin is the best for us now, I don't know, based on Azure and Microsoft upping their service solutions.
There is time being saved by not having multiple accounts, and as such, I expect that this solution has helped us to save money by either optimizing time-intensive processes or increasing productivity, but I don't have the data to quantify it or tell you exactly what it looks like.
What's my experience with pricing, setup cost, and licensing?
The price of the licensing is fine.
Which other solutions did I evaluate?
We initially began looking at it because we wanted to have a streamlined login process for multiple services, we didn't want to have people with multiple credentials everywhere.
At the time, Microsoft didn't have a very good single sign-on solution; they were using local on-premise servers and I wanted something that was cloud-based. I wanted it to have high availability and be easy to manage.
What other advice do I have?
My advice for anybody who is considering OneLogin is to ensure that it's the right product they're looking for. They should be utilizing single sign-on as a majority, and not looking to share passwords externally or with third parties.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Nov 14, 2022
Flag as inappropriateControl System Cybersecurity Analyst at a energy/utilities company with 201-500 employees
Easy access, and allows for simple onboarding and offboarding
Pros and Cons
- "Once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had."
- "To offboard, you have to manually click on this checklist, each of the checkmarks. It would actually be really nice if, for offboarding someone, you just click "offboard" and it automatically runs a script to do that."
What is our primary use case?
The solution is a single sign-on for a control systems integrator startup that I was the systems administrator for. We linked it with several other applications just to give our employees a one-stop-shop portal to get to all of the other applications they needed to use, based on their role within the company and who needed access to what.
How has it helped my organization?
It was really well accepted by pretty much everybody at the company. If somebody got locked out of something, it was really easy to figure out how to get them back up and running. It was really, really easy. It was very, very intuitive. The whole application was just intuitive. It was easy to understand. It was easy to come to grips with stuff. If I couldn't figure out how to do something, then the support articles were pretty darn and helpful as well.
What is most valuable?
Something I really liked about the product was how easy it was to onboard and offboard people. Onboarding people took maybe 10 to 15 minutes overall. Once we had it connected to everything, once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had.
What needs improvement?
When you offboard someone on OneLogin, there's this checklist of stuff. However, basically, you have to manually click on this checklist, each of the checkmarks. It would actually be really nice if, for offboarding someone, you just click "offboard" and it automatically runs a script to do that.
It's not like a massive amount of time. Still, it'd be kind of nice just to hit one button and be say all right, I've offboarded these people. I click the button and they're out.
I'm a cybersecurity guy and I found that the two-factor authentication offering they have (if you don't buy one of their other products) is pretty basic. It'd be nice to have something a bit more advanced included, however, that's probably just me wishing.
For how long have I used the solution?
I've used the solution for eight to ten months. It's been just under a year.
I believe the solution had been implemented in the company the year before I had worked in the automation group.
What do I think about the stability of the solution?
It was really stable. It was actually really nice and easy to pick up and learn. It would work, it would do what it needed to do. Thankfully, my predecessor had left some documentation on how to do stuff, however, it was pretty simple and easy to follow stuff as well. It wasn't that difficult to get the hang of.
What do I think about the scalability of the solution?
It was definitely scalable. I was administrating it at the start of the pandemic, so we scaled down and then we scaled up as needed. It was very, very scalable. We have between 50 and 100 people on it in the company.
99% of the people who weren't me just used it to get to the stuff they were working with. I was doing most of the work with it. I wouldn't say excessively used at all.
How are customer service and support?
I didn't use their tech support a bunch. The one big issue I had with OneLogin wasn't actually OneLogin's fault. I was trying to do an integration with ADP so that our employees when I was working there, could basically access their W2's and all that. They were very responsive through tech support. I didn't have any issues getting in touch with them. They usually got back to me within the day. They were very helpful.
How was the initial setup?
I didn't do the integration, I just did the administration after it had been integrated. That said, it was SaaS as far as I'm aware.
I handled maintenance. We didn't have a ton of maintenance to do, or updates or anything of that nature. Once we got it up and running, it was essentially just basically making sure that the bill got paid.
What's my experience with pricing, setup cost, and licensing?
The pricing for the base solution was fine. There's a separate product they do for two-factor authentication. It's extra. There is OneLogin Adaptive, they changed the name of it, which was a bit too expensive for Adaptive two-factor authentication. Other than that, I thought the price was right. We were pretty frugal over at my company when I worked there.
I can't recall if we purchased directly from OneLogin or from a reseller.
What other advice do I have?
I was a customer and an end-user.
I'd rate the solution at an eight out of ten.
It's a nice SSO. Just know that if you want a more proper security suite for access, it's going to cost you more money. The basic package is just very basic two-factor authentication.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Information Technology Systems Administrator at a comms service provider with 201-500 employees
Onelogin has adapted to become reliable and supportive in customer service.
Pros and Cons
- "When it comes to access management, the solution's single pane of glass is extremely important. The single pane of glass for access management enables collaborative work between IT and security. We have access to certain applications that require device trust. Based on the role, we can access those applications through OneLogin Desktop."
- "The solution keeps going down for many hours, which impacts the entire company. You can't access any applications. OneLogin Desktop has a huge problem where it locks your computers and you need to reset the whole computer, which is pretty insane."
What is our primary use case?
We primarily use Onelogin for SSO, but have been using the service for device trust as well.
How has it helped my organization?
It has made things easier to manage. All users obtain the correct apps to deliver on their role without much Admin intervention after Onboarding.
What is most valuable?
The most valuable features are SSO and device trust. These features secure our application access and our device access.
What needs improvement?
One area where Onelogin may improve is on the Onelogin Desktop reporting side. Onelogin does provide reporting on the devices in the admin portal, but data is not updated and only written at the installation of the application.
For how long have I used the solution?
I have been using it for about three years.
What do I think about the stability of the solution?
No issues while in uptime, but we have seen a few service outages.
What do I think about the scalability of the solution?
The user base keeps expanding in Onelogin, I have not seen degradation through expansion.
What's my experience with pricing, setup cost, and licensing?
The pricing and licensing are reasonable. It is much cheaper than other products.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Last updated: Nov 21, 2022
Flag as inappropriate
Buyer's Guide
Download our free OneLogin by One Identity Report and get advice and tips from experienced pros
sharing their opinions.
Updated: March 2023
Product Categories
Identity and Access Management as a Service (IDaaS) (IAMaaS) Single Sign-On (SSO) User Provisioning Software Identity Management (IM) Access ManagementPopular Comparisons
Okta Workforce Identity
Fortinet FortiAuthenticator
Azure Active Directory (Azure AD)
One Identity Manager
Google Cloud Identity
LastPass Business
Cisco ISE (Identity Services Engine)
SailPoint IdentityIQ
NetFortris Total Control VPN
F5 BIG-IP Access Policy Manager (APM)
Thales SafeNet Trusted Access
Fortra's Powertech Identity & Access Manager
Buyer's Guide
Download our free OneLogin by One Identity Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Looking for an Identity and Access Management product for an energy and utility organization
- Is SSO safe?
- Which is the best Privileged Account Management solution?
- What are your best practices for Identity and Access Management (IAM) in the Cloud?
- Why is identity and access management (IAM) so important in preventing data breaches?
- What access management tools would you recommend to help with GDPR compliance?
- How to convince a client that Identity and Access Management (IdAM) is essential for risk elimination?
- What are the differences between LDAP and Active Directory?
- How is Zero Trust different from the Least Privileged model?
- What is the difference between IDAM , PIM and PAM?