Feature-wise also miniOrange have some very unique features like
- Authenticate your users via any external database or API. This is also relevant for your case. Suppose you want to keep your users in WordPress only and do not want to move them. But since WordPress is not an IDP. You can use miniOrange as a broker to authenticate via WordPress database and miniOrange will do session management.
- Protocol Brokering – This helps you SSO into any application by authenticating via IDP supporting any protocol. Cross-protocol single sign-on between apps.
- miniOrange also provides connectors for many platforms/cms which do not support single sign-on to enable SSO in them like WordPress, Atlassian, Joomla, Drupal, etc.
And you will get all these features and support at a better price than okta for sure. They enforce a minimum annual contract charge along with user subscription for the features you are using.
Complete Support | Basic Support | No Support
| Feature | Details | miniOrange | Duo |
| Ease of Use & Support | |||
| Installation | Quick & Easy Installation | ||
| Support for Customization | Provides customize the solution as per requirements | ||
| Active Support | Provide dedicated support for every query with quick response | ||
| End to End Configuration | Supports Server & client-side configuration | ||
| Local Language Support | Login page, User-facing pages, and Email templates can be customized for different local languages | ||
| No User Migration Needed | We have such a flexible IdP system where you can enable the SSO for the applications without moving the users from their existing user store. | ||
| Basic Competency | |||
| Availability | Provides the solution to both Cloud & On-Premise, Also connectors for many platforms/CMS like WordPress, Drupal, Joomla etc. | (Support for Both On-Prem and Cloud IdP) |
|
| Cost-effectiveness | Best cost in the market | ||
| Product functionality | Product functionality supports market standards | ||
| Single Sign-On | |||
| All Standard Protocols Support | Support for all modern protocols like SAML, OAuth, OpenID Connect, JWT including older protocols like CAS, WS-FED, RADIUS for authentication | ||
| Cross-Protocol Brokering | Provides support to Connect different platforms which support different protocols | ||
| Third Party IdP Support | Integration with third-party Identity Providers | ||
| User Directory Integration | Users can authenticate via any user directory like AD/LDAP, any external database like HRMS system, AWS Cognito | ||
| JWT Integration | Supports JWT authentication for Login into any mobile app, client-side apps based on js, jquery, react, angular, etc. | ||
| Password Vaulting/Secure Web Authentication | We support single sign-on plugins for all popular browsers | ||
| Social Login Integration | Number of social login like Facebook, Twitter, Google, etc. used for authentication | ||
| Windows Single Sign-On | Integrated Windows authentication | ||
| External Database Integration | Can authenticate via any External Database | ||
| API Integration | Can authentication via any app APIs | ||
| User/Group Management | |||
| User/Group Provisioning | Support On-Demand and scheduled sync on daily basis. | ||
| SCIM support | Built-in standards-based provisioning (SCIM) | ||
| User Re-Certification Workflow | User needs to verify his identity after an interval of time for authorized access | ||
| SAML Integrations | |||
| SP & IdP initiated login | Provides both Service Provider and Identity Provider-initiated login for Single Sign-On through SAML | ||
| Multiple SP Support | Number of service providers supported | ||
| User Provisioning/ Deprovisioning | Create, Manage, & Delete information about users on multiple systems | ||
| Multi-Factor Authentication | |||
| Support for 15+ authentication methods | Number of factors used for authentication | ||
| Popular Authentication methods support | Push, QR Code Scan, Soft Token for iOs and Android | ||
| Integrations with the hardware token | Integrations with different hardware token types like Display Token, Yubikey | ||
| Backup Methods - Soft Token, OTP Over Email, Security Questions | Alternate login methods / Backup Methods for Two Factor Authentication | ||
| 2FA integrations with VPN Clients | Support Remote authentication by Radius Protocol | ||
| Windows credential provider | log in to Windows using credentials of different types viz, password, OTP, etc. | ||
| Third Party MFA Providers | Integration with third-party MFA Providers/apps like Google Authenticator, Authy, etc. | ||
| Offline MFA | Provides full MFA security on the computer even in Offline mode. | ||
| App protection | Provide the ability to add MFA layer to applications | ||
| System Protection | Secure Macs & windows systems with MFA at the OS Level | ||
| User self-enrollment & self-management | Users can enroll themselves & manage their account | ||
| Adaptive Authentication | |||
| Enforce access based on user’s device, location and time | Enforce access based on user’s device, location and time | ||
| Limit which devices can access apps — corporate vs. personally owned | Limit which devices can access apps — corporate vs. personally owned | ||
| Control which devices can access apps | Control which devices can access apps | ||
| Notifications to users and admins via email and SMS | In case of any unusual activity, device limit exceeded. | ||
| Security | |||
| Login Security & monitoring | Restrict & Track user login activity | ||
| Advanced Blocking | Block user through various parameters like IP, Country, etc. | ||
| Brute Force & DOS Protection | Delay response or limit login attempts in case of attack |
Our Differentiators from other SSO Vendors
- We have such a flexible IdP system where you can enable the SSO for the applications without moving the users from their existing user store.
- We can authenticate via any user directory or user store - It can be your AD/LDAP, your own database like any HRMS Database, AWS Cognito, etc.
- We can integrate any existing system with miniOrange. Existing system can be any SAML or OAuth based Identity Provider.
- We support single sign-on into all types of applications which support standard protocols like SAML, OAuth/OpenID, JWT including older protocols like CAS, Radius, WSFED
- We also support single sign-on into cloud/on-premise/desktop applications which do not support federated sso via Password Vaulting. We have single sign-on browser plugins for all popular browsers.
- We can enable sso for applications like Oracle EBS without the need of purchaisng Oracle LDAP
- We have sso connectors in many different platforms like Java, .Net, PHP, Node.js, Ruby, etc. which can be used to enable sso for applications which do not have in-built support for any sso protocol.
- We have strong integration with different products of Oracle/SAP/Cisco for single sign-on and multi-factor authentication.
- We support 15+ authentication methods for 2FA along with Adaptive authentication based on device, location and time.
- We have MFA integration and modules available for popular VPN clients, different windows version, RDP - RDC Client and RDWeb Access, SSH Access
- User Access Recertification: We support the user recertification feature where a user needs to verify his identify after a specific period of time for authorized access.
- We provide world-class support and customers vouch for our support
- We will provide the best price in the industry for SSO solution.
- See a short feature comparison with different SSO vendors present in the market in the Comparison sheet