OneLogin Trusted Experience Platform (TEP) provides simple and secure, enterprise-wide end-user logins to data and applications using single-sign on and multi-factor authentication. The robust toolset leverages a proprietary machine-learning engine to assess the perceived risk of each login attempt and adjust authentication requirements according to risk level.

OneLogin TEP focuses heavily on the end-user and administrator experience. The platform has an intuitive design while the supplemental troubleshooting documentation provides ample support. We find installing the desktop agent to be straightforward. We did run into some roadblocks but used the provided manuals to find all the answers we needed to implement the solution successfully.

Provisioning connectors that integrate with on-premise and cloud directories simplifies the onboarding and offboarding processes. OneLogin TEP automatically aggregates users and groups. It also streamlines entitlements based on end-user location, role, and other attributes. This process adheres to powerful rules that automatically and accurately enforce intelligent access policies.

Organizations can customize and brand the login page, allowing them to put a personal touch on the platform while OneLogin TEP works on the backend. The platform also provides opportunities for self-service, delegating certain processes, like password resets, to the end-user. While the consumer world may take password resets for granted, IT professionals know firsthand how tedious and cumbersome password resets can become. When individual users forget their passwords, they can usually rectify the problem by requesting a temporary code through email or by answering a few pre-configured security questions. Resetting a password in an enterprise world, however, usually results in several IT tickets. The fact that OneLogin TEP resolves this enterprise-level issue demonstrates its utility for large-scale companies.

In order to protect enterprise identities through strong credentials and multifactor authentication, OneLogin TEP offers several other identity verification methods in addition to passwords, including one-time password push notifications, security questions, biometrics, and more. OneLogin admits end-users into the platform or an application through single sign-on, smart flows, and SmartFactor authentication. SmartFactor authentication uses machine learning to analyze approximately 14 risk metrics related to contextual end-user and session attributes, such as location, IP address, and time of day. This comprehensive analysis then helps to identify and challenge all anomalous login attempts. Single sign-on gives end-users one-click access to all the company’s applications any time, anywhere. OneLogin has an extensive application catalog with a wide range of integrations, including integrations with legacy applications.

Overall, OneLogin Trusted Experience Platform is a solid identity and access management solution that bridges cloud, on-premise, and legacy applications with hybrid support. It offers several authentication options including adaptive MFA and smart factor authentication. The automatization engine accurately applies policies to users and then provisions them into applications, increasing return on investment and productivity. OneLogin TEP sits in the middle of all end-users and applications to ensure end-users have the right credentials and sufficient authorization and to serve as a secure front entrance into resources.

Pricing is $2 per user, per month and includes 8/5 phone and email support. Companies also have access to a searchable knowledgebase and FAQ list. The manuals are effective but need to be updated. Some of the documented steps did not match what we saw on-screen. Additional support options are available for a fee.

Tested by Tom Weil