This site requires JavaScript to be enabled
External Customer KB > General > RADIUS
Article: KB0010645 Published: 04/22/2021 Last modified: 04/21/2021

Protect cloud data with RADIUS and OneLogin

This factor supports RSA SecurID and OneSpan. OneLogin can require employees to use RADIUS as a second authentication factor before accessing corporate data in the cloud or VPN. Multi-Factor authentication ensures that an unauthorized user can'T sign into employe applications by using their user name and password, protecting your sensitive data from perpetrators. 

company apps

How it works

OneLogin is pre-integrated with RSA Authentication Manager and can be configured in less than a minute. Simply enter the IP address of your RSA Authentication Manager server and a port number where OneLogin can reach it via RADIUS. OneLogin's flexible security policies determine who is required to use RSA SecurID when signing into OneLogin. 

OneLogin acts as a RADIUS client and sends to the RADIUS server that runs on the RSA Authentication Manager primary server. New PIN mode and Next Tokencode mode aren't supported. Replicas aren't added and the standard solution is to use port-forwarding, configured on your firewall, to route the RADIUS request to an available server. The OneLogin RADIUS client IP address is taken from the standard OneLogin subnet pool.

For more information about OneLogin Domains and IP addresses, see OneLogin Domains and IP addresses.

Certified integration

OneLogin's integration with SecurID & OneSpan is fully certified and supports user auto-registration and PIN updates via OneLogin's login page. If a user's PIN expires, they can update it in OneLogin using RADIUS's protocol, reducing admin overhead without sacrificing security.

Expand/Collapse Comments
Was this helpful?