Today we announced the acquisition of Portadi Inc, a cloud-based password management tool for teams. So why did we do that?
OneLogin has been a driving force in the adoption of SAML since we open-sourced toolkits for the standard years ago. Our catalog of 5,000 apps contains more than 1,000 apps that support SAML, and more than half of those vendors have used our toolkits. This has been a huge win for companies of all sizes. When we started out in 2010, identity & access management was a discipline only larger enterprises cared about because IAM solutions were expensive and complex to implement. And as a result, only apps used by larger enterprises supported SAML.
As I have talked about in my earlier blog post, The Power of Standards and the Momentum of SAML, we found ourselves in a chicken-and-egg situation. But over the years, we have turned it around because of a very strong conviction that standards are the tide that lifts all boats.
Fast-forward to 2016. Our typical customer has 100-200 apps configured in OneLogin and most of them don’t support SAML. At OneLogin, only 65 of the 290 apps we use internally support SAML. There are still a ton of apps and sites out there that don’t support SAML and probably never will. Here are just a few examples:
- Market research portals - Gartner, Forrester, 451, IDC etc
- Employee benefits - healthcare, pension, stock option plans
- Office supplies - coffee, food, lunch, office supplies, Amazon
- Marketing - Twitter, Facebook, LinkedIn, AddThis, SEO/SEM tools, URL shortener etc.
- Engineering - Apple Developer Connection, Google Play, Jira and Confluence (really, Atlassian?)
- Finance - Bill payment, banks
The problem with password-based apps is that there are so many of them. Identity providers don’t necessarily want all of them in their catalog because many of them are very niche, local, or not even an actual app. Does a local coffee delivery company need a connector in our catalog? Probably not. So instead, companies configure custom connectors for these apps, which requires work and makes it harder for employees to on-board the applications.
When I came across Portadi, I immediately fell in love with the ease-of-use of their product. After just a week of casual use, I had onboarded dozens of apps without even thinking about it. What Portadi had built was a clever heuristics-based engine that seamlessly and with very high accuracy detects a user’s login activity and captures the user’s credentials in the process. I quickly realized that we had to include this as part of OneLogin.
We will be rolling out Portadi’s technology to our customers in the coming months and expect to see an immediate jump in the number of apps being onboarded. I have always believed that you have to remove all end-user friction from security products in order to get adoption, and Portadi’s technology does exactly that.
In addition to a fantastic product, we also really liked the founders and felt they would be a great addition to our team. I’m super excited about this acquisition and can’t wait to get it in the hands of our customers.