Strong Authentication

OneLogin enables you to centralize access control and apply authentication policies to all users across all apps. Create context sensitive authentication policies based on location, network or behavior, and integrate on-premise enterprise infrastructure with the cloud – all while providing a delightful user experience.

OneLogin Mobile OTP App

Prevent man-in-the-middle hacks and other password breaches with OneLogin’s Mobile One-Time Password App, included free in all OneLogin plans. Users love the wireless push feature which also doubles as an out-of-band authentication solution.

Download Datasheet

Multi-Factor Authentication

Users can be required to use a strong authentication factor in addition to their password when they sign in and OneLogin offers a plethora of strong authentication options. You can use OneLogin’s own free Mobile One-Time Password App, PKI certificates or any of the pre-integrated solutions from Duo Security, RSA, Symantec, VASCO and Yubico.

Desktop SSO

Users that are authenticated by Active Directory on their local area network can be signed into OneLogin automatically without having to enter their credentials. This makes it even easier for users who are at the office.


OneLogin’s security policies allow you to streamline requirements for password complexity and expiration, session timeouts, maximum number of failed login attempts and multi-factor authentication. Policies can be applied to groups or individual users.

VPN Access

OneLogin automatically signs users into the SSL VPN using SAML when it detects that a requested resource was located behind your firewall. And users who have to manually establish an IPsec VPN can get authenticated by OneLogin via RADIUS. You can even require users to append a one-time password to their regular password when establishing the VPN.


OneLogin has a generic RADIUS interface that any RADIUS-capable client can authenticate users against, be it PAM on Linux, a WiFi hot-spot or an IPsec VPN. Users can be authenticated with configurable combinations of username, email, password and one-time passwords.

REST API and SAML Toolkits

If your organization has custom-built applications that need to authenticate users, OneLogin’s REST API provides an easy way of doing so. Or you can use OneLogin’s free SAML toolkits for .Java, NET. PHP, Python and Ruby to completely eliminate passwords.