Systems Engineer at a recreational facilities/services company with 10,001+ employees
Real User
Top 20
2024-09-25T19:48:00Z
Sep 25, 2024
There have been some outages over the years. The uptime has not been great recently, with some outages lasting six, seven, or eight hours. Improvement in the stability of the infrastructure would be beneficial.
I'd like it to have a customization section that displays the company's offerings, categorized by different topics. Ideally, there would be a user-friendly feature at the top allowing individuals to pick and choose the topics they're interested in, essentially creating a personalized experience.
Junior Security Consultant at a computer software company with 11-50 employees
Consultant
Top 20
2024-01-31T15:23:00Z
Jan 31, 2024
One issue was related to the downtime. They have downtime twice a year or once in six months. During the downtime, the SSO page did not come up. When users wanted to get to their email, they were redirected to the OneLogin page, but the page did not come up, and MFA and logins failed. It completely crippled us. In those moments, people did not want to hear about a single pane of glass. We did try to solve it, but it caused issues. Their uptime is 97% or 98%, but most companies prefer 99.9% uptime.
While I initially used OneLogin's desktop feature to extend SSO, I discontinued it two years ago due to limitations. Firstly, the feature lacked day-one support for new macOS versions, forcing me to postpone system updates until OneLogin released a compatible update. Additionally, our adoption of Jump Pro for mobile device management necessitated the use of their native Jump Connect product for broader access management, rendering the OneLogin desktop feature redundant. We're using Meraki, and even though the OneLogin integration works fine, it doesn't pass one specific tag that Meraki just ignores. I've been back and forth with both Meraki and OneLogin support trying to figure it out, but they keep blaming each other.
IT Director at Florida State College at Jacksonivlle
Real User
Top 20
2023-01-10T20:07:00Z
Jan 10, 2023
We've been a OneLogin customer for several years now. While I like the platform, there have been some challenges. A great example is the amount of work needed with that webhook for the enrollment user experience. This functionality is native to some competing products. That's one area where we've leaned on our account rep over the years. They shouldn't rely on the customer to make this experience better. This is one feature request that hasn't been implemented yet. At the same time, they've implemented other features we've requested. One is the ability to use a personal email address as a factor. Initially, they didn't have that. We pushed hard on our account team for about two years before it was finally released. It's a give-and-take. Some of the product's features aren't perfect, but we've had some success pushing fixes to the development team that needs to happen. They've done a decent job. However, there are some fixes that they don't have an interest in. A lot of what I described was before OneLogin was acquired by Quest/One Identity. Things have changed. It doesn't feel like they're driving the product as OneLogin was. It may be because it's a new product to them, and they're still trying to get the lay of the land, process feature requests, etc., but it's not moving as fast as before. We've been experiencing some pain points since the acquisition. For example, there have been some outages we didn't see previously, which are a big topic with my executive team. You have hundreds of applications relying on this service for login. If the service is unavailable, nobody can log into these applications. The issues have high visibility. It's gotten better, but it's still there. It raises questions about whether One Identity can support the platform they've acquired. How are they enhancing the product? And how are they supporting the product and the service in the future? Those are two essential questions. There are also lots of nice-to-haves, but that's the case with any product.
Manager, Information Technology at a hospitality company with 51-200 employees
Real User
2022-06-29T22:46:00Z
Jun 29, 2022
This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users. It does with regards to single sign-on solutions but there are other non-single sign-on tools that we utilize. For example, we use LastPass for some of our services because it allows us to share passwords with external vendors. This solution needs to offer better management of non-single sign-on applications. It should offer the ability to provide secure password management, with either an external party and/or better sharing. In that same bracket, it would be nice to have password management where the websites or the tool requires two-factor authentication. In LastPass, you can support the one-time password if it's embedded into the LastPass profile for that application, which means that multiple users can use that from within LastPass. Having that feature and being able to do that in OneLogin would be huge.
Information Technology Systems Administrator at Auditboard
Vendor
2022-06-25T19:26:00Z
Jun 25, 2022
One area where Onelogin may improve is on the Onelogin Desktop reporting side. Onelogin does provide reporting on the devices in the admin portal, but data is not updated and only written at the installation of the application.
Director of IT at a venture capital & private equity firm with 11-50 employees
Real User
2022-06-22T08:23:00Z
Jun 22, 2022
We use the solution SmartFactor Authentication to adjust authentication flows in real-time, depending on the risk score associated with the login attempt. I honestly haven't found that as useful. It's helpful, however, I've run into an issue where it blocks people from signing in. Essentially, if I'm not paying attention to such and such person failed to log in, it doesn't seem like there's an easy way to alert the admin, "Hey, this person was blocked from signing in and cannot sign in at all," even if they're attempting a legitimate sign in. Therefore, while we do utilize it, we keep it at the highest level, just so that if users are traveling, they will not be bothered most of the time by it. For now, the only thing that needs to improve is the support. I used to have a really good support experience. I'm not sure now that they were acquired by One Identity, it seemed like that changed. It could just be growing pains, however, I feel like their support lately needs some improvement. The product itself works great. I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera. That would definitely help.
Control System Cybersecurity Analyst at a energy/utilities company with 201-500 employees
Real User
2022-01-12T16:32:38Z
Jan 12, 2022
When you offboard someone on OneLogin, there's this checklist of stuff. However, basically, you have to manually click on this checklist, each of the checkmarks. It would actually be really nice if, for offboarding someone, you just click "offboard" and it automatically runs a script to do that. It's not like a massive amount of time. Still, it'd be kind of nice just to hit one button and be say all right, I've offboarded these people. I click the button and they're out. I'm a cybersecurity guy and I found that the two-factor authentication offering they have (if you don't buy one of their other products) is pretty basic. It'd be nice to have something a bit more advanced included, however, that's probably just me wishing.
Team Manager at a tech services company with 51-200 employees
Real User
2020-02-06T11:37:15Z
Feb 6, 2020
With OneLogin, I haven't found anything that I thought particularly needed an upgrade. The features that they have provided are absolutely fine with me. When it comes to our organization's requirements, it changes from time to time, so the features we need might change in the future as well. In terms of managing the users on a large scale, it would be easier if they had some kind of user management portal. Device management could be added to the solution. Users should be able to have a custom device added to the enterprise edition of the portal. From there, users should be able to add any device and use the solution to login. The user management is supplied via a plugin and should probably just come standard within the solution itself.
Regional Operations Manager at Tech Mahindra Limited
Real User
2019-04-11T10:03:00Z
Apr 11, 2019
OneLogin needs to increase the number of connectors available out of the box to connect to the different endpoints. The number of out-of-box connectors should be increased. If more of the out-of-box connectors are made more available, the product would be improved. I believe that the user interface can be a little better on OneLogin. The downtime with OneLogin is something that will keep improving, but it's fine. The pricing is quite competitive compared to other products. I would like to see easier UI customization and things like that. It should be easier to configure the settings of OneLogin based on the customer's needs.
OneLogin by One Identity is a cloud-based access management solution for the modern enterprise. It delivers secure access for every user, every app and every device to meet an organization’s Workforce and Customer and Identity and Access Management (CIAM) needs.
OneLogin provides secure single sign-on, multi-factor authentication (supporting a wide array of passwordless authentication factors), adaptive authentication, desktop-level MFA, directory integration with AD, LDAP, G Suite and other...
There have been some outages over the years. The uptime has not been great recently, with some outages lasting six, seven, or eight hours. Improvement in the stability of the infrastructure would be beneficial.
I'd like it to have a customization section that displays the company's offerings, categorized by different topics. Ideally, there would be a user-friendly feature at the top allowing individuals to pick and choose the topics they're interested in, essentially creating a personalized experience.
One issue was related to the downtime. They have downtime twice a year or once in six months. During the downtime, the SSO page did not come up. When users wanted to get to their email, they were redirected to the OneLogin page, but the page did not come up, and MFA and logins failed. It completely crippled us. In those moments, people did not want to hear about a single pane of glass. We did try to solve it, but it caused issues. Their uptime is 97% or 98%, but most companies prefer 99.9% uptime.
While I initially used OneLogin's desktop feature to extend SSO, I discontinued it two years ago due to limitations. Firstly, the feature lacked day-one support for new macOS versions, forcing me to postpone system updates until OneLogin released a compatible update. Additionally, our adoption of Jump Pro for mobile device management necessitated the use of their native Jump Connect product for broader access management, rendering the OneLogin desktop feature redundant. We're using Meraki, and even though the OneLogin integration works fine, it doesn't pass one specific tag that Meraki just ignores. I've been back and forth with both Meraki and OneLogin support trying to figure it out, but they keep blaming each other.
The tool must be made more robust.
We've been a OneLogin customer for several years now. While I like the platform, there have been some challenges. A great example is the amount of work needed with that webhook for the enrollment user experience. This functionality is native to some competing products. That's one area where we've leaned on our account rep over the years. They shouldn't rely on the customer to make this experience better. This is one feature request that hasn't been implemented yet. At the same time, they've implemented other features we've requested. One is the ability to use a personal email address as a factor. Initially, they didn't have that. We pushed hard on our account team for about two years before it was finally released. It's a give-and-take. Some of the product's features aren't perfect, but we've had some success pushing fixes to the development team that needs to happen. They've done a decent job. However, there are some fixes that they don't have an interest in. A lot of what I described was before OneLogin was acquired by Quest/One Identity. Things have changed. It doesn't feel like they're driving the product as OneLogin was. It may be because it's a new product to them, and they're still trying to get the lay of the land, process feature requests, etc., but it's not moving as fast as before. We've been experiencing some pain points since the acquisition. For example, there have been some outages we didn't see previously, which are a big topic with my executive team. You have hundreds of applications relying on this service for login. If the service is unavailable, nobody can log into these applications. The issues have high visibility. It's gotten better, but it's still there. It raises questions about whether One Identity can support the platform they've acquired. How are they enhancing the product? And how are they supporting the product and the service in the future? Those are two essential questions. There are also lots of nice-to-haves, but that's the case with any product.
This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users. It does with regards to single sign-on solutions but there are other non-single sign-on tools that we utilize. For example, we use LastPass for some of our services because it allows us to share passwords with external vendors. This solution needs to offer better management of non-single sign-on applications. It should offer the ability to provide secure password management, with either an external party and/or better sharing. In that same bracket, it would be nice to have password management where the websites or the tool requires two-factor authentication. In LastPass, you can support the one-time password if it's embedded into the LastPass profile for that application, which means that multiple users can use that from within LastPass. Having that feature and being able to do that in OneLogin would be huge.
One area where Onelogin may improve is on the Onelogin Desktop reporting side. Onelogin does provide reporting on the devices in the admin portal, but data is not updated and only written at the installation of the application.
We use the solution SmartFactor Authentication to adjust authentication flows in real-time, depending on the risk score associated with the login attempt. I honestly haven't found that as useful. It's helpful, however, I've run into an issue where it blocks people from signing in. Essentially, if I'm not paying attention to such and such person failed to log in, it doesn't seem like there's an easy way to alert the admin, "Hey, this person was blocked from signing in and cannot sign in at all," even if they're attempting a legitimate sign in. Therefore, while we do utilize it, we keep it at the highest level, just so that if users are traveling, they will not be bothered most of the time by it. For now, the only thing that needs to improve is the support. I used to have a really good support experience. I'm not sure now that they were acquired by One Identity, it seemed like that changed. It could just be growing pains, however, I feel like their support lately needs some improvement. The product itself works great. I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera. That would definitely help.
When you offboard someone on OneLogin, there's this checklist of stuff. However, basically, you have to manually click on this checklist, each of the checkmarks. It would actually be really nice if, for offboarding someone, you just click "offboard" and it automatically runs a script to do that. It's not like a massive amount of time. Still, it'd be kind of nice just to hit one button and be say all right, I've offboarded these people. I click the button and they're out. I'm a cybersecurity guy and I found that the two-factor authentication offering they have (if you don't buy one of their other products) is pretty basic. It'd be nice to have something a bit more advanced included, however, that's probably just me wishing.
With OneLogin, I haven't found anything that I thought particularly needed an upgrade. The features that they have provided are absolutely fine with me. When it comes to our organization's requirements, it changes from time to time, so the features we need might change in the future as well. In terms of managing the users on a large scale, it would be easier if they had some kind of user management portal. Device management could be added to the solution. Users should be able to have a custom device added to the enterprise edition of the portal. From there, users should be able to add any device and use the solution to login. The user management is supplied via a plugin and should probably just come standard within the solution itself.
OneLogin needs to increase the number of connectors available out of the box to connect to the different endpoints. The number of out-of-box connectors should be increased. If more of the out-of-box connectors are made more available, the product would be improved. I believe that the user interface can be a little better on OneLogin. The downtime with OneLogin is something that will keep improving, but it's fine. The pricing is quite competitive compared to other products. I would like to see easier UI customization and things like that. It should be easier to configure the settings of OneLogin based on the customer's needs.