OneLogin Desktop

Device trust and the journey to passwordless authentication

Request Demo
OneLogin Desktop

It's a brave new world. One where employees and contractors work remotely accessing cloud apps outside of the corporate firewall and on a wide variety of devices.

That's why you need a brave new device strategy to compliment your identity and access management strategy.

Welcome to OneLogin Desktop.

OneLogin Desktop
OneLogin portal

Sign in once—and be done

Users log in once and have access to all the apps in their OneLogin Portal as well as SAML-enabled desktop apps. No need to sign in again. Users access apps with passwordless authentication. With Desktop Pro, they can even sign into their laptop with their OneLogin password, eliminating the separate laptop password completely.

Enforce secure and easy multi-factor authentication, everywhere

OneLogin Desktop dramatically increases security with additional two-factor authentication. Users authenticate when they log into their OS using their device password and the installed OneLogin Desktop certificate, providing an additional layer of MFA that further protects access to applications. Make access fast and secure even for remote workers and road warriors.

First authentication factor
Authentication step 1

1st authentication factor

Users log in using their Windows or OS X password as their first authentication factor.

Second authentication factor
Authentication step 2

2nd authentication factor

OneLogin Desktop installs a certificate specific to the user and laptop, providing a second authentication factor.

Access granted
Step 3: user access

User authenticated into portal

These two factors authenticate users into their OneLogin Portal, enabling them to access SaaS applications with a single click.

Key Capabilities OneLogin Desktop OneLogin Desktop Pro
Strong authentication with OneLogin Desktop Certificate
OneLogin Desktop issues a unique certificate to each PC or Mac for strong authentication, which can be revoked by admins in case of a lost device.
MDM deployment support
Admins can securely deploy OneLogin to groups of PCs and Macs with 3rd party solutions such as Airwatch, JAMF, Meraki, etc.
Simple for IT to manage
Easy device and security policy management, all in one place. Makes it easy and fast to onboard new employees and offboard former employees.
Shared workstation / kiosk mode
Support multiple users for one machine to eliminate password sharing. When a user signs in to the Tray App, it binds the profile to that user with a specific certificate.
Device authentication
Users sign into their PC or Mac with their OneLogin password at boot time and the lock screen.

Always authenticate against a directory

With today’s distributed workforce, it can be months before a device touches the corporate network. If you’re using Active Directory for authentication, that puts you at risk of stale passwords and permissions.

OneLogin Desktop binds machines to the OneLogin Cloud Directory. If you’re cloud-first, that may be all you need. If you’re using Active Directory, OneLogin synchronizes with it to manage identities and credentials without requiring binding to an AD domain—making it even easier to move off AD completely.

OneLogin portal
Device security

Control device access and revoke it, as needed

Using the OneLogin Trusted Experience Platform™, restrict access so only devices that have OneLogin Desktop installed can be used to access apps. This ensures that only devices sanctioned by IT gain corporate access. OneLogin issues a unique PKI certificate to each machine.

Laptop stolen or missing? Revoke the certificate to prevent bad actors from logging into the laptop account and accessing corporate resources.

Secure all your apps, users, and devices