If you're having trouble at any stage please contact us at firstname.lastname@example.org.
OneLogin is an identity provider as a service (aka IDaaS), to manage the organization’s identities and manage the authentication in a central and secure way across multiple applications (SSO).
OneLogin Audit Sources & Events Supported
|Audit Source (API)||Service/Module Covered||Event Types||Events included|
|Events||Authentication||login to onelogin failed/succeeded, user authentication via API failed/succeeded, user failed remote authentication, Mac login success/failed, user logged-out from onelogin, user logged-out from app, user authenticated by RADIUS, social sign-in, user failed login via assertion proxy etc||Represents authentication related events to onelogin app or its protected apps|
|Active Directory||ad connector started, stopped, configuration reloaded etc||Represents events relate to the ActiveDirectory connector|
|Directory Connector & VLDAP||directory connector enabled/disabled, directory export started/finished, VLDAP bind failed, VLDAP enabled/disabled/updated etc||Represents events relate to the directory connector|
|Directory Management||directory added/deleted/modified, directory group updated etc||Represents events relate to directory management|
|Integrated Application||integrated app added/removed/updated etc||Represents events relate to the integrated applications|
|Directory Users Management||user deleted/created in directory, user invited, user locked, user suspended/reactivated in directory, user field added/removed, self-registration requested for user, user unlocked in directory etc||Represents events relate to users management in onelogin directories|
|App Users Management||user deleted/created in app, user suspended/reactivated in app, user linked in app, user updated in app etc||Represents events relate to users management in onelogin apps|
|Roles Management||added role to user, role management granted/revoked, role removed from a user etc||Represents events relate to security settings changes|
|Security Settings||trusted idp removed, certification expiration notice, certification created, RADIUS config updated, desktop SSO enabled/disabled, VPN enabled/disabled,|
|SAML||SAML assertion consumer service failed|
|Passwords||set password with salt, set password with clear text, failed to set password with salt etc||Reprisents event related to password changes and management|