OneLogin
Status: Scaffold — content in progress
OneLogin is a cloud IdP offering SSO, MFA, and user lifecycle management via SAML 2.0 and OIDC. It competes with Okta and is deployed in mid-market enterprises.
Key Features
| Feature | Description |
|---|---|
| SSO Portal | SAML/OIDC app catalog |
| OneLogin Protect | Push MFA authenticator app |
| SmartFactor Authentication | Risk-based MFA |
| SCIM | User provisioning to downstream apps |
| Access Management | Role-based access policies |
Security History
OneLogin disclosed a breach in 2017 where customer data including encrypted SSO keys was accessed — the encrypted keys were used to decrypt session cookies and access downstream applications.
Cross-Links
| Topic | Link |
|---|---|
| SAML | saml |
| Okta Overview | okta-overview |