Archive for April, 2010

Multiple Roles per User

A much requested feature in OneLogin is the ability to assign multiple roles to a user. This means you can break down your roles into smaller and more manageable entities and create layers of privileges. Consider an organization with three departments.

  • Everyone uses Google Apps, Confluence
  • Sales uses Salesforce and PivotLink
  • Customer service uses Zendesk, Get Satisfaction and CoTweet
  • Marketing uses Google Analytics, MailChimp and SurveyGizmo

In OneLogin, we can model this scenario using four roles: Employee, Sales, Customer Service and Marketing. By assigning everyone the Employee role as well a department role, we get a much more manageable setup which allows us to add and remove apps at different layers.

  • Amanda: Employee, Marketing – Google Apps, Confluence, Google Analytics, MailChimp, SurveyGizmo
  • Peter: Employee, Sales – Google Apps, Confluence, Salesforce, PivotLink
  • Hannah: Employee, Sales – Google Apps, Confluence, Salesforce, PivotLink
  • Mark: Employee, Customer service – Google Apps, Confluence, Zendesk, GetSatisfaction, CoTweet
  • Joe: Employee, Customer service – Google Apps, Confluence, Zendesk, GetSatisfaction, CoTweet

You can even have overlapping roles, i.e. a user can have two roles with the same app. OneLogin is smart enough to figure out when to add or remove the login for the user. 

When you some day add an expense reporting application, you can simply add it to the Employee role and everyone will see it on their dashboard. Or you could create a Shipping role with a shared FedEx app for individuals across departments who needs to access your online FedEx account.

Read more about roles here.

Branding and LDAP Integration

Today we released a couple of highly requested features: Branding and LDAP Integration.

OneLogin now allows you change the look & feel to the user interface to match that of your brand. Branding can be an important factor in terms of trust, but it also provides your users with a more consistent user experience. The styling is done by overriding OneLogin’s cascading style sheets. You can also provide your own layout for email sent to your employees.

You can read more about the branding functionality here.

OneLogin already had the capability to integrate with Active Directory behind the firewall and now we have added LDAP integration, which can be used on both sides of the firewall. When a user logs into OneLogin, authentication will be delegated to your LDAP server and if the user was not already existing in OneLogin the user will be created on-the-fly.

The LDAP integration works with both Active Directory, OpenLDAP and commercial LDAP products. You can read more about LDAP integration here.