|
OneLogin Protect for Android is a mobile authenticator app that provides a one-time-password (OTP) as an additional authentication factor. Since you likely always have your phone nearby, it makes for an easy and convenient way to authenticate your account. OneLogin Protect is also available for iOS.
Prerequisites:
- A mobile device running Android 5.0 (Lollipop) or above
Installing OneLogin Protect
The OneLogin Protect mobile app can be installed directly from the Google Play Store on your Android device. It may require the following permissions:
- Disable Your Lock Screen - To scan your registration QR code (we use the Google QR library, and this is required through Google).
- Full Network Access - The registration process uses our APIs, and this is also needed to perform multi-factor authentication (MFA).
- View Network Connections/View WiFi Connections - To check if there is network access. We verify this before making API calls.
- Play Install Referrer API - Added by default for Google, tracks where the app was installed from for debugging purposes.
Adding an Authentication Factor
Your administrator may require biometric authentication for OneLogin Protect. If your device prompts you to enable biometric authentication during setup, tap Yes and follow the on-screen prompts.
Using Your Android Device
-
Log in to your OneLogin portal from the browser on your Android device.
-
If your admin has required multi-factor authentication (MFA) and you have not already configured at least one additional authentication factor, you may see a prompt requesting that you add one now. If so, tap Continue and follow the prompts on your screen.
-
Otherwise, go to your Profile and choose Security Factors from the menu.

-
Tap Add Factor and select OneLogin Protect from the list of enabled authentication factors, then tap Activate.

If OneLogin Protect does not appear in the list, contact your admin to ensure it has been enabled.
-
Tap Activate to launch the OneLogin Protect app. If prompted, confirm that you want to open the link with Protect either Just Once or Always.

-
Your OneLogin portal now appears in the home screen of OneLogin Protect and can be used for future authentication.
Using Your Computer or Another Device
-
Log in to your OneLogin portal from a web browser and go to your Profile. In the Security Factors menu, click Add Factor.

-
Select OneLogin Protect from the list of enabled authentication factors.

If OneLogin Protect does not appear in the list, contact your admin to ensure it has been enabled.
-
In the OneLogin Protect app, tap the + in the lower right corner to add an account.

-
If OneLogin Protect requests permission to use your camera, tap Allow. The camera activates, ready to scan a QR code.

-
Click Activate in your web browser. Verify that iPhone & Android is selected in the dropdown menu and scan the QR code with your mobile device.

If you're unable to scan the QR code, consult the Troubleshooting steps below to check your camera settings or use an alternate code method.
-
When the code is accepted, the mobile app displays a green check and refreshes, displaying your account ready to authenticate.
 
Authenticating with OneLogin Protect
-
The next time your OneLogin account requires authentication, the login screen advises that your Android device is ready for your approval.

- OneLogin sends a notification to the device. Tap the notification, then select Accept. Unlock your device to allow one OneLogin to automatically send the OTP and log you in to your portal.

If you don't receive the push notification, attempt the Troubleshooting steps below to check your notification settings or use an alternate OTP method.
Backing up your accounts
Configuring automated backups
-
In OneLogin Protect on your Android, swipe right to view the menu and tap Backup.

-
Enter your Email and Phone Number, and create a Master Password using the criteria shown on your screen.

-
After verifying your phone number by SMS, you receive a PDF containing a QR code and secret key for your account. Download or screenshot this file and store it in a safe place.

-
OneLogin Protect will now automatically update your backup whenever you add, update, or delete an account.
Warning: The master password and QR code are required to access your backup in the future. If you lose them, you will lose access to this backup and will need to create a new backup using a new email address and master password. Additionally, anyone with this information may be able to access your OneLogin account and all secure accounts you have connected to it. Be sure that you keep it in a secure location that only you have access to.
Creating a manual backup
-
Open OneLogin Protect and go to your Backup menu.
-
The Last Updated date shows you how recently your accounts were automatically backed up. Tap BACKUP NOW to immediately create a manual backup.

-
A confirmation appears at the bottom of your screen to display when your backup is in progress and has been completed. When complete, the Last Updated date changes to reflect your current backup.
Disabling your backups
-
Open OneLogin Protect, go to your Backup menu, and tap DISABLE BACKUP.

-
A warning appears, confirming that you want to remove all existing backups and permanently disable any previously generated QR codes for this backup. Tap REMOVE to confirm. Your saved codes can now be deleted from anywhere you've stored them and will no longer work to restore your backup. A new code must be generated in order to create backups for this account again the future.
Restoring from a backup
-
Open OneLogin Protect on your Android. Swipe right to view the menu and tap Restore.
-
Scan the QR code from your saved Recovery Kit, or tap Enter code instead to manually enter your Secret Key.
-
Enter the email and master password you created when configuring your backup and tap RESTORE. After authenticating your information, Protect will restore your backed up data.
Removing OneLogin Protect
Deleting an account from the device will not disable the account. You may still receive push notifications if the device remains registered and is the default factor. Follow these steps to fully remove OneLogin Protect from your authentication factors.
- Return to Security Factors in your OneLogin Portal. Open the menu to the right of OneLogin Protect and click Remove.

-
If your admin has required MFA, you may be prompted to choose or create a new primary factor. Follow the prompts on your screen, then click Remove to confirm you want to remove OneLogin Protect.
Troubleshooting
I can't scan the QR code to add OneLogin.
- Ensure that OneLogin Protect has access to your camera.
-
In your device settings, go to App info for OneLogin Protect and tap Permissions.

-
Verify that Camera appears under Protect's ALLOWED Access.

-
If it doesn't, tap Camera and then change its toggle to Allow.

- If you're still unable to scan the code, you can enter it manually.
- On your mobile device, tap Enter code instead.

-
On your other device, click Can't scan the code? and verify that iPhone & Android is selected in the dropdown menu.

-
Enter the displayed Activation Code into the mobile app and resume configuration.

I'm not receiving push notifications to authenticate my account.
When your device is first added as a factor, the push notification connection may take a few hours to complete. If you're still not receiving push notifications after this time, verify that notifications are turned on and that OneLogin Protect has permission to send them.
- Ensure that notifications are turned on in OneLogin Protect.
-
Open the OneLogin Protect menu and go to Settings.

-
Verify that Allow Push Notifications is toggled on.

- Ensure that OneLogin Protect has permission to send notifications.
-
In your device settings, go to App info for OneLogin Protect and tap Notifications.

-
Verify that all notifications are toggled on.
-
If you're still not receiving push notifications, contact your administrator about possible network issues preventing communication between your account and OneLogin Protect app. In the meantime, you can manually grant access by opening OneLogin protect and tapping Tap to unlock to view and enter your OTP. The OTP changes every 30 seconds and is indicated by the timer wheel to the right.
|