By Vince Lujan Posted May 20, 2018
OneLogin™ has historically been a popular web application single sign-on (SSO) solution. Recently, they added some support for on-prem applications as well. This new approach to application access is what vendors and analysts are calling unified access management. However, managing access to applications, whether on-prem or remote, is but one piece of the overall identity management puzzle. As a result, many IT organizations are asking, “What’s better than OneLogin?”
Single Sign-On Competitors
With so many significant IT solutions in use today, many of which are from tech titans like Amazon®, Google®, Microsoft®, and many others, it’s difficult to say which web application SSO solution is better. After all, virtually all web app SSO solutions leverage a core identity provider to federate identities to a wide variety of web applications. OneLogin, for example, claims to connect to 5,000+ applications, while Okta®, a fellow web app SSO provider, says they have over 10,000.
Most IT organizations will tell you that the number of applications supported is hardly a factor in their decision. Once the core application set is covered, other capabilities such as securely managing and connecting users to their systems, other applications, files, and networks end up being the critical factors. So, the question of what’s better than OneLogin may not have a direct answer, except to say that organizations must choose the best SSO provider to complement their existing infrastructure. The better questions may be, “What’s better than the web application SSO category as a whole? What’s the next generation in identity and access management?”
What’s Better than SSO for Web Applications?
To answer this question, let’s begin by taking a look at the fundamental underpinnings of single sign-on: the identity provider. Prior to the year 2000, most networks were on-prem and revolved around the Microsoft® Windows® operating system. This enabled IT to leverage Microsoft Active Directory® (AD) primarily as a core identity provider that could securely manage and connect users to virtually all of the IT resources in a Windows-centric environment. This approach worked well for a number of years.
However, the IT landscape started to change as web applications like Salesforce™ and Google Apps (now called G Suite™) gained popularity in the workplace. Web applications such as these were highly advantageous compared to on-prem, Windows-based alternatives. The trouble was that web applications were effectively impossible to manage directly with AD because they were not on-prem, nor were they Windows-based in large part. Nevertheless, IT admins and users began to leverage these powerful new web applications, but IT needed a way to manage them. SSO solutions for web applications emerged in response to this massive shift in the way IT organized their infrastructure.
Web application SSO providers have been riding this wave ever since. However, as modern organizations continue to shift the majority of their on-prem identity management infrastructure away from Active Directory in favor of the cloud, traditional SSO providers have found themselves with an interesting problem. Legacy SSO solutions were specifically designed to work on top of an on-prem identity provider. Without an on-prem foundation, traditional web app SSO solutions struggle – but where does that leave IT organizations?
Beyond Web App SSO
As you may have guessed, IT organizations are left with a number of identity management challenges related to web applications as a result. Additionally, cloud infrastructure at AWS® and GCP™ is more popular than ever; file servers have shifted from Windows Server to on-prem Samba file servers and NAS appliances, or cloud alternatives such as Box™ and Dropbox™; Mac and Linux systems are widespread in the enterprise; even the network itself has shifted to a wireless connection via WiFi. With all of these modern identity management challenges and more, the concept of AD at the center and web app SSO as a federator simply doesn’t make sense.
Ideally, IT organizations would be able to leverage a single cloud-based identity management platform that securely manages and connects users to all of the IT resources they need. This includes systems (Windows, Mac, Linux), web and on-prem applications via SAML and LDAP, cloud and on-prem servers (e.g., AWS, GCP), physical and virtual file servers, and wired and WiFi networks. So, the answer to the question of what’s better than web app SSO in general may be a cloud directory services platform that manages the entire IT infrastructure, rather than just applications. Fortunately, centralized identity and access management for virtually any IT resource is achievable with the JumpCloud® Directory-as-a-Service® platform.
Learn More About Cloud Identity Management
If you’re still asking yourself, “What’s better than OneLogin?”, sign up for a free JumpCloud Directory-as-a-Service account or schedule a demo and explore the full functionality of a comprehensive cloud directory firsthand. We offer 10 free users to help you discover how Directory-as-a-Service can not only manage access to applications, both on-prem and cloud-based, but virtually any IT resource in your environment. Sound too good to be true? Contact the JumpCloud team today to answer any questions, or watch the following whiteboard presentation to gain a deeper understanding of JumpCloud’s unique approach to cloud identity management.