We are often asked about alternatives to OneLogin. OneLogin is a web application single sign-on platform. SSO is one of the hottest segments of the identity management arena. First generation IDaaS solutions have become a valuable part of the IT management tool set. OneLogin is one of these relatively early IDaaS platforms. Their functionality has expanded a fair amount since their inception in 2009, so let’s look at what OneLogin does today and alternatives to OneLogin for those weighing their options.
The Scope of OneLogin
OneLogin’s general goal has simply been to connect users to the web applications they need to access. Historically, OneLogin has integrated with Microsoft Active Directory® in order to execute this goal. By itself, OneLogin does not profess to be a fully-featured identity management system or directory. While it can act as an add-on to Active Directory, LDAP, Workday, or G Suite directories, it does not include the management features of a full-fledged directory such as Active Directory.
OneLogin will use the SAML protocol as well as the user’s username/password to insert into web application sign-in forms. This is simple and effective for auto-filling in login information that can make accessing apps easier for your user. Unfortunately, there are security concerns. The architecture likely necessitates that the password is encrypted rather than one-way hashed and salted.
Single Sign On (SSO) Alternatives
OneLogin’s solution integrates with thousands of web applications. But there are alternatives in the web application SSO market, most notably, solutions like Okta and Bitium. For those IT organizations looking for more of an on-prem solution, Ping Identity might also be worth evaluating.
It’s worth noting that Okta has staked out its claim on the web app SSO market and is widely believed to be the market leader – but any of the above could work if you’re strictly looking for web app SSO.
Identity-as-a-Service (IaaS) Alternatives
As the cloud identity management market evolves, web app SSO solutions such as OneLogin are turning out to be only a small part of the overall market. Modern IT organizations are looking to reset their view of identity management by replacing Active Directory. Largely viewed as unthinkable a few years ago, savvy IT admins are asking how they can completely shift Active Directory to the cloud.
In this scenario, alternatives to OneLogin become really interesting. A new generation of cloud identity management platform has recently emerged to become the Active Directory replacement. Called Directory-as-a-Service®, this next generation IaaS solution is shifting the entire directory service function to the cloud. Directory-as-a-Service securely manages and connect users to both on-prem and cloud resources. We’re talking about their systems, cloud servers at AWS, G Suite or Office 365, web applications, WiFi networks, on-prem and virtual data storage, and much more. Directory-as-a-Service, as an alternative to OneLogin or Okta replacement, becomes the central user management platform. And it can still integrate with web app SSO platforms, if needed.
Weighing OneLogin Against Other Options
Drop us a note if you would like to learn more about OneLogin alternatives, or more importantly, how the Identity-as-a-Service market is going to evolve. We’d be happy to discuss with you how modern IT organizations are shifting to a comprehensive cloud identity management solution like Directory-as-a-Service. This technical datasheet may help you to better understand how it could work in your environment. Also, feel free to sign up for a JumpCloud® IDaaS account and give it a try for yourself. Your first 10 users are free forever.
This is a Security Bloggers Network syndicated blog post authored by Natalie Bluhm. Read the original post at: JumpCloud