With half of 2021 behind us and a look ahead to the next six months, we can’t help but think of the famous line from heavyweight champion on the silver screen, Rocky Balboa: “It ain’t how hard you can hit. It’s how hard you can get hit and keep moving forward.”
And like so many other companies, moving forward, no matter what, continues to be the spirit among the teams here at OneLogin. With that being said, we are thrilled to share some new product updates that we’ve worked on over the past several months.
Our Summer 2021 Release highlights new features and functionality that provide additional log in options for end users, reduce the risk of account compromise, improve API security across your environment, and much more. These new features and capabilities span three key areas:
Read on to find out more!
What are we announcing?
With more and more ransomware attacks piling up, organizations continue to face the threat of unauthorized access to valuable resources, especially in a world where end users themselves have more flexibility to do work on their own terms. Shifting between working remotely and working from the office throughout the course of the week presents new challenges for IT and Security teams to implement the right level of security measures to protect data and assets, while at the same time, enable the business.
- Account Recovery with reCAPTCHA: Require users to complete reCAPTCHA before they update their passwords or unlock their account. This feature increases your organization’s security by blocking bot attacks.
- Trusted IdP with Apple ID: You can now configure Apple ID as a Trusted IdP. Allow end users to leverage their existing Apple credentials to conveniently log into OneLogin and all their apps.
- Single Logout for Trusted IdP: OneLogin’s Trusted IdP configuration now supports SAML Single Logout (SLO). When a user logs in with an IdP that supports SLO, you can terminate sessions across IdPs when the user logs out, reducing the risk of an attacker gaining access to a user’s session.
- Device Trust Check: Prompt users to submit a certificate (e.g. with a PKI or 3rd party certificate) without preventing them from logging in if they don’t. When combined with MFA Bypass for Trusted Devices, you can prompt users for MFA on personal devices, but not for corporate devices—all within a single user policy.
In this release, we have added new features that simplify management of your organizational structure between different directories as well as enable you to further control and define access privileges. Plus, new app connectors to enable user provisioning.
- Manager Export to AD/LDAP: Utilize custom attribute mappings to import and export the manager field between OneLogin and AD/LDAP in order to maintain the manager relationship between directories. This is compatible with all versions and does not require changes on your current ADC or LDC installation.
- Delegated Administration: Delegate administrative access to various parts of the organization at a granular level to enforce the Zero Trust principle of “least privilege access” and balance productivity with defending against security threats.
- New Provisioning Connectors: We added SCIM connectors for Cato Networks, AssetSonar, Qualified, Databricks to enable automated user provisioning in OneLogin.
As part of our ongoing investment in the developer experience, we are announcing several exciting new features that allow you to tightly integrate OneLogin with your mobile and custom-built apps as well as API gateways. Build authorization into apps faster and increase the security of your APIs.
- Dynamic Client Registration: Quickly integrate custom or mobile OIDC third-party applications with an API gateway, like MuleSoft, for stronger API protection.
- API Authorization Server UI: As part of your API Access Management offering, OneLogin now offers a new UI to manage API Authorization Servers. Create and manage access tokens for use against an API gateway or to authorize your organization’s APIs.