This site requires JavaScript to be enabled
External Customer KB > General > OneLogin Protect for Android
OneLogin Protect for Android
Article: KB0010511 Published: 02/06/2023 Last modified: 02/06/2023

OneLogin Protect for Android is a mobile authenticator app that provides a one-time-password (OTP) as an additional authentication factor. Since you likely always have your phone nearby, it makes for an easy and convenient way to authenticate your account. OneLogin Protect is also available for iOS.

Prerequisites:

  • A mobile device running Android 5.0 (Lollipop) or above

 


 

Installing OneLogin Protect

The OneLogin Protect mobile app can be installed directly from the Google Play Store on your Android device. It may require the following permissions:

  • Disable Your Lock Screen - To scan your registration QR code (we use the Google QR library, and this is required through Google).
  • Full Network Access - The registration process uses our APIs, and this is also needed to perform multi-factor authentication (MFA).
  • View Network Connections/View WiFi Connections - To check if there is network access. We verify this before making API calls.
  • Play Install Referrer API - Added by default for Google, tracks where the app was installed from for debugging purposes.

 


 

Adding an Authentication Factor

Your administrator may require biometric authentication for OneLogin Protect. If your device prompts you to enable biometric authentication during setup, tap Yes and follow the on-screen prompts.

Using Your Android Device

  1. Log in to your OneLogin portal from the browser on your Android device.

  2. If your admin has required multi-factor authentication (MFA) and you have not already configured at least one additional authentication factor, you may see a prompt requesting that you add one now. If so, tap Continue and follow the prompts on your screen.

  3. Otherwise, go to your Profile and choose Security Factors from the menu.

    OneLogin browser menu (mobile screenshot)OneLogin mobile browser Profile menu (screenshot)
  4. Tap Add Factor and select OneLogin Protect from the list of enabled authentication factors, then tap Activate.

    OneLogin Security Factors (mobile screenshot)OneLogin Security Factor selection (mobile screenshot)

    If OneLogin Protect does not appear in the list, contact your admin to ensure it has been enabled.

  5. Tap Activate to launch the OneLogin Protect app. If prompted, confirm that you want to open the link with Protect either Just Once or Always.

    Activate OneLogin Protect (mobile screenshot)Android confirmation Open With Protect (mobile screenshot)
  6. Your OneLogin portal now appears in the home screen of OneLogin Protect and can be used for future authentication.

Using Your Computer or Another Device

  1. Log in to your OneLogin portal from a web browser and go to your Profile. In the Security Factors menu, click Add Factor.

    OneLogin Security Factors (screenshot)

  2. Select OneLogin Protect from the list of enabled authentication factors.

    OneLogin select a security factor (screenshot)

    If OneLogin Protect does not appear in the list, contact your admin to ensure it has been enabled.

  3. In the OneLogin Protect app, tap the + in the lower right corner to add an account.

    OneLogin Protect for Android (mobile screenshot)

  4. If OneLogin Protect requests permission to use your camera, tap Allow. The camera activates, ready to scan a QR code.

    Allow Protect to take pictures and record video? (mobile screenshot)

  5. Click Activate in your web browser. Verify that iPhone & Android is selected in the dropdown menu and scan the QR code with your mobile device.

    QR scanning interface (screenshot)QR scan successful (screenshot)

    If you're unable to scan the QR code, consult the Troubleshooting steps below to check your camera settings or use an alternate code method.

  6. When the code is accepted, the mobile app displays a green check and refreshes, displaying your account ready to authenticate.

    QR scan activation (mobilescreenshot)QR scan confirmation (mobile screenshot)OneLogin Protect registered account (mobile screenshot)

 


 

Authenticating with OneLogin Protect

  1. The next time your OneLogin account requires authentication, the login screen advises that your Android device is ready for your approval.

    a notification has been sent to your device (screenshot)

  2. OneLogin sends a notification to the device. Tap the notification, then select Accept. Unlock your device to allow one OneLogin to automatically send the OTP and log you in to your portal.
    Mobile access notification (screenshot)Mobile access request (screenshot)

    If you don't receive the push notification, attempt the Troubleshooting steps below to check your notification settings or use an alternate OTP method.

 


 

Backing up your accounts

Configuring automated backups

  1. In OneLogin Protect on your Android, swipe right to view the menu and tap Backup.

    OneLogin Protect menu (screenshot)

  2. Enter your Email and Phone Number, and create a Master Password using the criteria shown on your screen.

    OneLogin Protect Backup (mobile screenshot)

  3. After verifying your phone number by SMS, you receive a PDF containing a QR code and secret key for your account. Download or screenshot this file and store it in a safe place.

    OneLogin Protect Backup Key (mobile screenshot)

  4. OneLogin Protect will now automatically update your backup whenever you add, update, or delete an account.

Warning: The master password and QR code are required to access your backup in the future. If you lose them, you will lose access to this backup and will need to create a new backup using a new email address and master password. Additionally, anyone with this information may be able to access your OneLogin account and all secure accounts you have connected to it. Be sure that you keep it in a secure location that only you have access to.

Creating a manual backup

  1. Open OneLogin Protect and go to your Backup menu.

  2. The Last Updated date shows you how recently your accounts were automatically backed up. Tap BACKUP NOW to immediately create a manual backup.

    OneLogin Protect Backup Now (mobile screenshot)

  3. A confirmation appears at the bottom of your screen to display when your backup is in progress and has been completed. When complete, the Last Updated date changes to reflect your current backup.

Disabling your backups

  1. Open OneLogin Protect, go to your Backup menu, and tap DISABLE BACKUP.

    OneLogin Protect Disable Backups (mobile screenshot)

  2. A warning appears, confirming that you want to remove all existing backups and permanently disable any previously generated QR codes for this backup. Tap REMOVE to confirm. Your saved codes can now be deleted from anywhere you've stored them and will no longer work to restore your backup. A new code must be generated in order to create backups for this account again the future.

Restoring from a backup

  1. Open OneLogin Protect on your Android. Swipe right to view the menu and tap Restore.

  2. Scan the QR code from your saved Recovery Kit, or tap Enter code instead to manually enter your Secret Key.

  3. Enter the email and master password you created when configuring your backup and tap RESTORE. After authenticating your information, Protect will restore your backed up data.

Removing OneLogin Protect

Deleting an account from the device will not disable the account. You may still receive push notifications if the device remains registered and is the default factor. Follow these steps to fully remove OneLogin Protect from your authentication factors.

  1. Return to Security Factors in your OneLogin Portal. Open the menu to the right of OneLogin Protect and click Remove.

    Remove OneLogin Protect (screenshot)

  2. If your admin has required MFA, you may be prompted to choose or create a new primary factor. Follow the prompts on your screen, then click Remove to confirm you want to remove OneLogin Protect.

 


 

Troubleshooting

I can't scan the QR code to add OneLogin.

  1. Ensure that OneLogin Protect has access to your camera.
    1. In your device settings, go to App info for OneLogin Protect and tap Permissions.

      OneLogin App info (mobile screenshot)

    2. Verify that Camera appears under Protect's ALLOWED Access.

      OneLogin App Permissions (mobile screenshot)

    3. If it doesn't, tap Camera and then change its toggle to Allow.

      OneLogin App Permissions (mobile screenshot)OneLogin Camera Permissions (mobile screenshot)
  2. If you're still unable to scan the code, you can enter it manually.
    1. On your mobile device, tap Enter code instead.

      OneLogin Protect - Enter code instead (mobile screenshot)

    2. On your other device, click Can't scan the code? and verify that iPhone & Android is selected in the dropdown menu.

      OneLogin Protect - Can't scan code? (screenshot)

    3. Enter the displayed Activation Code into the mobile app and resume configuration.

      OneLogin Protect - Enter code (screenshot)OneLogin Protect - Enter code (mobile screenshot)

I'm not receiving push notifications to authenticate my account.

When your device is first added as a factor, the push notification connection may take a few hours to complete. If you're still not receiving push notifications after this time, verify that notifications are turned on and that OneLogin Protect has permission to send them.

  1. Ensure that notifications are turned on in OneLogin Protect.
    1. Open the OneLogin Protect menu and go to Settings.

      OneLogin Protect menu (mobile screenshot)

    2. Verify that Allow Push Notifications is toggled on.

      OneLogin Protect push settings (mobile screenshot)

  2. Ensure that OneLogin Protect has permission to send notifications.
    1. In your device settings, go to App info for OneLogin Protect and tap Notifications.

      OneLogin App info (mobile screenshot)

    2. Verify that all notifications are toggled on.

      OneLogin Notification settings (mobile screenshot)
  3. If you're still not receiving push notifications, contact your administrator about possible network issues preventing communication between your account and OneLogin Protect app. In the meantime, you can manually grant access by opening OneLogin protect and tapping Tap to unlock to view and enter your OTP. The OTP changes every 30 seconds and is indicated by the timer wheel to the right.


Expand/Collapse Comments
:     
Was this helpful?
YesYesNoNo