Centralized access has streamlined onboarding and strengthened secure authentication workflows
What is our primary use case?
My primary use case for OneLogin is centralized identity and access management with single sign-on and multi-factor authentication across multiple internal and cloud-based applications. I use OneLogin to manage user authentication for SaaS applications, internal tools, and third-party platforms. Instead of maintaining separate credentials for each application, OneLogin allows me to enforce a single, secure identity for users, which significantly reduces password fatigue and improves security. Additionally, OneLogin helps me with user lifecycle management, such as onboarding, role-based access control, and de-provisioning users when they have left the organization.
A good example of how I use OneLogin for onboarding is when a new employee joins the organization. Once the user is created in my directory, the account is automatically synced to OneLogin. Based on the user's role and department, OneLogin assigns them to predefined roles and groups. On the employee's first day, they receive a single set of credentials and can access all required applications through OneLogin SSO without IT having to manually grant access to each system. This process has significantly reduced onboarding time, minimized access-related errors, and ensured that new hires have secure and immediate access to the tools they need from day one.
What is most valuable?
OneLogin's core value is its SSO capability, which provides a powerful mix of identity and access management for me. Users log in once and get access to all their cloud and on-premises apps via a central portal. This eliminates password fatigue, reduces help desk tickets, and simplifies user workflows across multiple users. OneLogin incorporates risk-based authentication using machine learning. It analyzes context and prompts additional verification only when risk is evaluated. Seamless integration with existing identity sources such as Active Directory, Google Workspace, and others allows admins to centralize identity management.
The single sign-on feature has had the biggest impact on my team, immediately improving productivity and user experience from a day-to-day perspective. Employees no longer need to remember or manage multiple credentials for different applications, which reduced login issues and password reset requests significantly. For the IT team, SSO simplified access management because application access is controlled centrally through OneLogin instead of being handled separately for each system.
While risk-based authentication and identity source integrations are extremely important from a security and automation standpoint, SSO delivered the most visible and immediate value to both end-users and support teams, making it the most impactful feature overall.
OneLogin has positively impacted my organization both from a security and operational standpoint. It helped me standardize authentication across applications by enforcing single sign-on combined with multi-factor authentication. This significantly reduced the risk of weak or reused passwords and improved overall access control. Features such as centralized policies and conditional access also gave me better visibility and control over who can access what. For end-users, the experience is much smoother. Employees can access all required applications from a single portal, which improves productivity and reduces frustration. As a result, I have seen fewer support tickets related to login issues and password resets. Overall, OneLogin has helped me improve security, increase efficiency, and scale my identity management processes as the organization grows.
What needs improvement?
OneLogin has been a good experience, but there is a scope of improvement in every application, especially in the admin user interface and overall usability. For new administrators, the dashboard and configuration screens can feel complex and not always intuitive. Some advanced settings are deeply nested, which increases the learning curve. A more modern, streamlined UI and guided setup flows would improve the admin experience. Reporting and analytics is another area for improvement; while OneLogin provides basic audit logs and reports, more customizable and detailed reporting would be helpful. Additionally, documentation for advanced use cases such as complex integration, custom application, or troubleshooting provisioning issues could be more comprehensive and easier to follow.
Pricing transparency and packaging could be clearer, especially as organizations scale and add more advanced features. Overall, these are incremental improvements rather than major gaps, and addressing them would make OneLogin an even stronger IAM solution.
For how long have I used the solution?
I have been working in my current field for four years.
What do I think about the stability of the solution?
I have had no issues with downtime or reliability; OneLogin has been stable in my experience. Since implementation, I have not encountered significant downtime or system outages that affected end-users. The platform handles authentication requests, SSO, and directory synchronization reliably, even as the number of users and integrated solutions has grown. Overall, OneLogin's stability gives me confidence that it can support my organization's current needs and scale as we grow.
What do I think about the scalability of the solution?
OneLogin's scalability handles growth in both end-user count and the number of integrated applications very well. As my organization expands, adding new employees, departments, or SaaS applications does not negatively impact performance or system reliability. Role-based access controls, automated provisioning, and directory integration scale smoothly, allowing me to maintain consistent policies and workflows even as complexity increases.
How are customer service and support?
The customer support experience was excellent. I have contacted support on a few occasions, mainly for advanced configuration guidance, troubleshooting provisioning issues, and clarifying documentation for complex integrations. In each case, the support team was responsive, knowledgeable, and professional, providing actionable guidance that helped me resolve issues effectively.
How would you rate customer service and support?
Which solution did I use previously and why did I switch?
OneLogin is the first solution that I am using; I did not use any previous solution before OneLogin.
Before using OneLogin, I evaluated other options and access management solutions, including Okta, Azure Active Directory, and Ping Identity.
How was the initial setup?
I had a good experience with the user identity synchronization across directories functionality. OneLogin makes it relatively straightforward to integrate with multiple identity sources, including Active Directory, LDAP, and cloud-based directories. This synchronization ensures that any changes made in the primary directory, such as onboarding a new employee, updating roles, or offboarding a departing user, are automatically reflected across all connected applications. This functionality has significantly reduced manual work and errors for my IT team.
What was our ROI?
One of the most tangible benefits has been the time saved for both IT and end-users. With single sign-on and automated user provisioning, onboarding a new employee now takes under an hour compared to several hours or even days previously. Offboarding is instantaneous, which reduces security risk and frees IT resources for other critical tasks. I have also experienced a reduction in help desk support tickets related to password resets and login issues that are roughly 30 to 40 percent lower than before. From a security perspective, the automated lifecycle management and risk-based authentication features have reduced the likelihood of unauthorized access, which, while harder to quantify, protects the organization from potentially costly security incidents.
I have seen clear, measurable improvements since implementing OneLogin, including a reduction in support tickets related to login issues and password resets. After rolling out single sign-on and MFA through OneLogin, password-related tickets dropped by roughly 30 to 40 percent as users no longer needed to manage multiple credentials across different applications. I also saw improvements in onboarding efficiency, with the time required to provision access for a new employee reduced from several hours or even days to under one hour, since most access is now assigned automatically based on roles and groups. I have experienced fewer access-related incidents and better audit readiness due to centralized login and reporting.
What's my experience with pricing, setup cost, and licensing?
Pricing is clear and competitive; while it is not the cheapest solution in the market, I found that the cost is justified given the combination of SSO, MFA, adaptive authentication, and lifecycle management features I receive. The initial setup cost was moderate. Basic single sign-on and directory integrations were straightforward to implement and did not require significant professional services. In terms of licensing, OneLogin's plans are flexible and allow me to scale user count and add advanced features as needed. I was able to align my subscription with the specific features I use, which helped optimize cost without paying for functionality I do not need. Overall, the pricing, setup, and licensing structure are transparent and deliver a good return on investment, especially when considering the operational efficiency and security improvements gained from using OneLogin.
What other advice do I have?
I would like to add a few more points about how I use OneLogin based on my experience. The process has significantly reduced the onboarding time, as I have mentioned.
I do use OneLogin Smart Factor Authentication to adjust authentication flows in real time, though in a targeted way rather than across all use cases. I have configured smart factor policies to evaluate contextual signals such as user location, device, IP reputation, and login behavior. When the risk level is low and the user is logging in from a known device or trusted network, the authentication experience is kept simple. If OneLogin detects higher risk, such as a login attempt from a new location, unfamiliar device, or unusual behavior, it dynamically enforces additional verification steps such as MFA. This approach allows me to maintain strong security without creating unnecessary friction for users during normal, low-risk access.
My impression of OneLogin's ability to provide a seamless end-user experience is very positive. The single sign-on functionality ensures that users only need to remember one set of credentials to access all their applications, which eliminates password fatigue and reduces login-related frustration. Employees can access everything from email to collaboration tools, project management systems, and internal dashboards through a single portal. MFA is integrated smoothly and supports various options such as push notifications, authenticator applications, and biometrics. Overall, the login and authentication experience is intuitive and fast, which has resulted in fewer support tickets, improved productivity, and higher user satisfaction. From a usability perspective, it successfully balances security with convenience, which is essential for widespread adoption across the organization.
I have used the adaptive login flows with Vigilance AI, and they have added an extra layer of security and intelligence to my authentication process. Vigilance AI analyzes contextual signals such as device, location, IP reputation, and user behavior to dynamically assess risk during each login attempt. Based on that assessment, OneLogin adjusts the authentication flow in real time, for example, prompting additional verification steps only when unusual or high-risk activity is detected. This approach has been very effective in reducing the risk of unauthorized access while keeping the experience smooth for trusted users.
The integration of phishing-resistant device trust has had a positive impact on my authentication processes by ensuring that only trusted devices can access my systems. OneLogin adds an additional layer of security beyond traditional credentials and MFA. This reduces the risk of account compromise even if user credentials are exposed, as access attempts from untrusted or unmanaged devices are automatically blocked or require additional verifications. For end-users, the experience remains largely seamless on their managed devices, while potentially risky login attempts are automatically mitigated. Overall, phishing-resistant device trust strengthens security without adding unnecessary friction, making my authentication process both safer and more effective.
The role that HR-driven identity management plays in streamlining employee identity handling in my organization is critical. By integrating OneLogin with my HR systems, I automate key parts of the employee's lifecycle. When a new employee is added to the HR system, OneLogin automatically provisions accounts, assigns roles, and grants access to the necessary applications based on their department and job function. Similarly, when an employee's role changes or leaves the organization, access is updated or revoked automatically. Overall, HR-driven identity management ensures a consistent, efficient, and secure process for managing employee identities, which saves time, reduces risk, and improves the overall user experience.
I would recommend others looking into using OneLogin to plan integrations carefully, identifying which applications, directories, and systems they want to connect upfront. Mapping out roles, user roles, and access policies in advance will make onboarding smoother. Start simple, then expand; begin with core features such as single sign-on and multi-factor authentication. Once a team is comfortable, implement advanced features such as smart factor adaptive authentication and device trust policies. Provide training for IT admins on advanced configurations, and monitor and review policies regularly.
OneLogin has strengthened my security posture, streamlined user onboarding and offboarding, and provided a seamless experience for employees accessing multiple applications. I would rate this solution an eight overall for organizations looking for a robust enterprise IAM solution that balances security and usability.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
