OneLogin by One Identity Reviews

We've been a OneLogin customer for several years now. While I like the platform, there have been some challenges. A great example is the amount of work needed with that webhook for the enrollment user experience. This functionality is native to some competing products. That's one area where we've leaned on our account rep over the years. They shouldn't rely on the customer to make this experience better. This is one feature request that hasn't been implemented yet. At the same time, they've implemented other features we've requested. One is the ability to use a personal email address as a factor. Initially, they didn't have that. We pushed hard on our account team for about two years before it was finally released. It's a give-and-take. Some of the product's features aren't perfect, but we've had some success pushing fixes to the development team that needs to happen. They've done a decent job. However, there are some fixes that they don't have an interest in. A lot of what I described was before OneLogin was acquired by Quest/One Identity. Things have changed. It doesn't feel like they're driving the product as OneLogin was. It may be because it's a new product to them, and they're still trying to get the lay of the land, process feature requests, etc., but it's not moving as fast as before. We've been experiencing some pain points since the acquisition. For example, there have been some outages we didn't see previously, which are a big topic with my executive team. You have hundreds of applications relying on this service for login. If the service is unavailable, nobody can log into these applications. The issues have high visibility. It's gotten better, but it's still there. It raises questions about whether One Identity can support the platform they've acquired. How are they enhancing the product? And how are they supporting the product and the service in the future? Those are two essential questions. There are also lots of nice-to-haves, but that's the case with any product.

We use the solution SmartFactor Authentication to adjust authentication flows in real-time, depending on the risk score associated with the login attempt. I honestly haven't found that as useful. It's helpful, however, I've run into an issue where it blocks people from signing in. Essentially, if I'm not paying attention to such and such person failed to log in, it doesn't seem like there's an easy way to alert the admin, "Hey, this person was blocked from signing in and cannot sign in at all," even if they're attempting a legitimate sign in. Therefore, while we do utilize it, we keep it at the highest level, just so that if users are traveling, they will not be bothered most of the time by it. For now, the only thing that needs to improve is the support. I used to have a really good support experience. I'm not sure now that they were acquired by One Identity, it seemed like that changed. It could just be growing pains, however, I feel like their support lately needs some improvement. The product itself works great. I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera. That would definitely help.

This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users. It does with regards to single sign-on solutions but there are other non-single sign-on tools that we utilize. For example, we use LastPass for some of our services because it allows us to share passwords with external vendors. This solution needs to offer better management of non-single sign-on applications. It should offer the ability to provide secure password management, with either an external party and/or better sharing. In that same bracket, it would be nice to have password management where the websites or the tool requires two-factor authentication. In LastPass, you can support the one-time password if it's embedded into the LastPass profile for that application, which means that multiple users can use that from within LastPass. Having that feature and being able to do that in OneLogin would be huge.