Product and service reviews are conducted independently by our editorial team, but we sometimes make money when you click on links. Learn more.
 

How to Setup OneLogin

By - Source: Toms IT Pro

If your company’s single sign-on solution is OneLogin, make sure you set it up properly to keep data secure.

Credit: Gaudilab/ShutterstockCredit: Gaudilab/ShutterstockOneLogin is a single sign-on and identity management service, and as the name implies, users only need one username and password for multiple services and web apps. This tool boosts convenience and efficiency for employees who no longer must keep a pocket book full of passwords or worse, use the same password for everything, jeopardizing security. Even though employees have one login, security protocols are customizable by IT departments to include multi-authentication for login and IP address restrictions.

OneLogin already has more than 5,000 pre-integrated applications that employees can easily access from one location, and other applications can be integrated into the system, including in-house applications for your company.

MORE: Best Single Sign-On Solutions

This guide will walk you through the simple steps to implementing OneLogin for your small-to-medium business.

Choose the Right Plan

OneLogin features multiple pricing plans that include different features. Pricing is based on how many users ultimately need it. The free version allows single sign-on for up to three third-party applications and five of your own applications, and if you want access to unlimited applications, it's a monthly cost of $2 per employee. Both versions lack OneLogin's security features such as multi-authentication and IP address restrictions.

The next level is the Enterprise version has a monthly cost of $4 per user and the Unlimited plan for $8 per user which comes with advanced security features such as real-time user provisioning. Enterprise and Unlimited both come with premium 24/ 7 support.

The plan that's best for your company will likely come down to how much security you require for certain applications. If you need access to basic apps such as Microsoft Office 365 and Slack, the free or Starter plan may be more cost effective for you, although the Starter plan requires a minimum of 25 users. If you need access to multiple custom applications such as server maintenance pages, you will likely want stronger security options offered by the Enterprise and Unlimited plans. You'll be able to set access to certain applications for certain devices or only devices connected to the local IP address.

Editor's note: Looking for an SSO solution for your business? If you're looking for information to help you choose the one that's right for you, use the questionnaire below to be contacted by vendors with additional information:

Set up for Admin

Start by selecting a subdomain for your employee portal for web applications. You'll likely want it to be the name of your company or department as it will appear as "yourcompany.onelogin.com." OneLogin is cloud-based, so you don't need to host anything on your own servers.

Next, add your employees to the service. You can add your users manually or by importing from a directory. It can import from several popular directory services such as Google Apps, Namely and Workday, as well as other programs with LDAP or active directory. Each user is assigned and emailed a password, which they can change on their own.

Finally, add the applications your employees need. You'll be able to browse and search for the thousands of applications that are pre-integrated with the service. If you have a web application that's not on the list there are a few ways to add them to the service. Security Assertion Markup Language (SAML), WS-Federation, API  can be used to integrate your company's own applications. Full instructions for integrating apps internally can be found on OneLogin's help center. For other third-party cloud applications, OneLogin can automatically sign-in with store passwords through its browser extension.

From here you'll be able to set individual permissions and app access for different users or groups of users called rolls. Using the user login information for individual apps you can set new users up to immediately log into apps the first time they select them from the portal, or you can set them to enter in their login information for just the first-time they select the app. 

Setting up for Users

Once everything is in place you'll be able to send out emails to users with their passwords. Their login username will be their company email address and they'll be able to change their passwords through their dashboard.

For some applications, mostly login form-based ones, the user must enter their original login information the first time. It will then be stored with OneLogin for future use.

Depending on the permission you set for each user, they can edit the username and password of certain applications, they can add non-company applications such as social media for their own convenience and they can edit other aspects of their profile.

Setting up Multi-Factor Authentication

If you require more security for company applications and are on the Enterprise or Unlimited plan, you can setup multi-factor authentication for OneLogin. The security settings and permissions for users is highly customizable so you can mix and match certain settings for unique users and roles.
Through settings and policies, you can restrict access to certain or all applications to users who don't login through a designated IP address. So, if an employee isn't onsite and not connected to your company network, they won't be able to access those applications.

There are several multifactor authentication options you can also enable, the most common being one-time passwords that are sent to the user's mobile phone through the OneLogin mobile app. Another option is security question application. There are several third-party authentication programs you can integrate, which include physical identification and biometric options.

Additional Training

When signing up with OneLogin, you can request additional training for yourself, fellow administrators and employees through live webinars and how-to videos. They conduct live training courses with Q&A sections every month that you can reserve spots for.

Photo credit: Guadilab/Shutterstock
Comments