Manual user management is error-prone and labor intensive. Leveraging automated user provisioning with onboarding and offboarding processes to reduce human involvement and streamline access control based on role, department, location, title and other attributes. Changes in Active Directory are synchronized to downstream applications within seconds, providing you with an effective user kill switch that can help minimize exposure.
Users in an application typically have different entitlements. One user may be an administrator, another user may only have access to support tickets in certain groups. Using OneLogin’s Identity and Access Management (IAM), you can import your organization's entitlement definitions from each individual app and use flexible rules to determine which entitlements each user gets.
Deprovisioning or off-boarding users is critical to preventing unauthorized access to enterprise data from former employees. OneLogin provides an effective kill switch for off-boarding users. Real-time user synchronization for Active Directory means that disabling a user will take effect in target applications within seconds, not minutes or hours.
Not every organization is the same and yours may be using a set of user attributes that are unique to your industry or business processes. OneLogin's user provisioning tool allows you to import custom user attributes from external directories and push them to apps that support it, such as Jive, Samange or Salesforce.
OneLogin imports entitlement definitions from apps and gives you flexible rules for determining each user’s entitlements. Upon creating a new user in Salesforce, for example, OneLogin's identity provisioning system can also assign the new user to the Admin, Marketing or Sales group within Salesforce.