After reviewing several single sign-on (SSO) solutions, we recommend OneLogin as the best solution for small businesses. We chose OneLogin from dozens of SSO companies. To understand how we picked OneLogin, see our methodology on our best picks page.
We selected OneLogin as our best choice for small businesses for a number of reasons, chief among them was the flexibility and scalability it offers. In addition, OneLogin boasts a relatively easy implementation process that supports the integration of multiple directory types and works across all devices and platforms, making it a versatile solution that can be adapted to most any business's existing system.
OneLogin is also quite user friendly; it should be easy to introduce to your current staff upon implementation as well as new hires who will be introduced into the system as future new users. OneLogin can also support multiple logins to the same application for one user, further easing adoption in the event a user maintains multiple accounts for the same application.
Already prepared to choose a singe sign on solution? Here’s a breakdown of the rest of our coverage:
- Best Single Sign-On Solutions for Business in 2017
- LastPass Review: Best Free Single Sign-On Solution for Business
Editor's Note: Looking for an SSO solution for your business? Use the questionnaire below to be contacted by vendors with additional information:
OneLogin allows you to tailor the identity-management process to suit your needs. Not only is it compatible with a number of directory types, OneLogin also gives you a degree of control over the integration process. The way the SSO manages groups also adds a degree of flexibility.
OneLogin manages security groups directly, rather than synchronizing with the integrated directory; a key part of this process is OneLogin's "mapping" tool, which automates the user-management process. This means administrators will have a little extra work to do, but it gives them additional control beyond most SSOs.
For those more concerned with aesthetic than technical aspects, OneLogin offers a highly customizable user portal, right down to the ability to feature company branding and select the desired color scheme. The level of control OneLogin grants to administrators, whether it is under the hood or in terms of appearance, makes it an attractive solution.
Self-registration pages: The self-registration page is a unique feature that set OneLogin apart from the pack. Self-registration pages allow users to request accounts to access certain applications, subject to administrative controls. This is an especially useful feature for collaborating with partner organizations or when granting interns access to the system. Self-registered users can also be set to default into a specific group, meaning permissions can essentially be preset for this class of user.
Multi-factor authentication: MFA is essential to securing users' accounts and maintaining the integrity of your network. OneLogin comes with a number of authentication platforms preintegrated, but it also allows integration of any third-party authentication methods you want to include. Security policies can be set by administrators to dictate precisely how users can sign on; for example, by employing OneLogin's "one-time password" or by SMS authentication.
OneLogin offers several pricing tiers. The first level is Free and includes SSO for three applications and five personal applications. The next tier, the Starter subscription, costs $2 per user per month (25-user minimum) and includes SSO and MFA for all of your applications. The Enterprise subscription costs $4 per user per month and includes multiple directory-type integration, multiple languages, custom reports and security policies. Finally, for those looking for complete SSO solutions, the Unlimited subscription costs $8 per user per month and includes custom fields and mapping, user provisioning and several additional integrations.
OneLogin's mapping feature might lend it some additional flexibility, but it also requires additional attention since security groups are not automatically synchronized from the active directory. So while you get some additional customization out of mappings, you're also introducing more complexity. While this isn't really a limitation, it is a caveat worth mentioning.
OneLogin represents a highly adaptable and effective single sign-on solution, especially for the small and mid-sized business. With a number of unique features and reliable performance in key areas, OneLogin offers a safe way to streamline your company's identity-management process.