KuppingerCole Report
Executive View
By John Tolbert

Onegini Connect

Onegini provides a compelling solution for Consumer Identity and Access Management (CIAM). Onegini is headquartered in Europe and has global ambitions. They have expertise in EU regulations such as GDPR and PSD2. They are positioning their product as a CIAM solution for financial, health care, and insurance industries with a strong mobile differentiator to enhance customer engagement.

1 Introduction

Consumer Identity and Access Management (CIAM) is the fastest growing specialty in Identity and Access Management (IAM) that has emerged in the last f ...

Login Get full Access

2 Product Description

Onegini Connect is offered as either an on-premises solution or in single-tenant SaaS instances. For on-premises installations, MySQL, MSSQL, Oracle d ...

Login Get full Access

3 Strengths and Challenges

Onegini was founded in Europe and has a good understanding of the regulatory environment, particularly with regard to the finance and insurance sectors. They are relatively small in size and market reach but are branching out into new regions with a responsible managed growth strategy. Their Connect CIAM offering has many innovative features, such as the leading-edge integration of home safety and security IoT sensors with consumer identities.

Onegini offers both on-premises and cloud deployment options. The managed service is a turnkey, cloud-based CIAM solution that enables their clients to quickly onboard consumers and begin deriving value. The platform offers adequate authentication choices for many use cases, including scenarios where higher authentication assurance is required. Strong support for mobile authentication and FIDO UAF authenticators is a plus. Excellent mobile SDKs allow clients to flexibly build secure apps easily.

Their solution provides limited out-of-the-box identity profiling and marketing analytics capabilities. Clients need to use 3rd party tools to take advantage of the identity information which is available via APIs from Onegini Connect.

Onegini helps clients prepare for GDPR compliance by providing fine-grained consent and authorization mechanisms, user dashboards, auditability, and by supporting data deletion requests.

Fraud detection and prevention mechanisms are increasingly important in CIAM solutions, particularly for financial institutions. Many open source and commercial sources of fraud, cyber threat, and compromised credential intelligence are available and can be integrated into CIAM and adaptive authentication solutions. Onegini Connect would benefit by supporting compromised credential, fraud, threat intelligence integration capabilities. Additional identity and marketing analytics features would also strengthen the offering.


  • Great selection of authenticators, including advanced MFA mechanisms
  • Versatile mobile SDKs for securely building apps that leverage Onegini Connect CIAM
  • Large number of IDPs recognized for registration
  • Innovative IoT integration capabilities
  • Strong security features, including transaction signing and tamper resistance
  • Consent management and GDPR-compliant hosting


  • Small market share and limited global customer base
  • Needs compromised credential and threat intelligence consumption abilities
  • No built-in marketing analytics
  • SCIM support coming soon; UMA under evaluation


©2021 KuppingerCole Analysts AG all rights reserved. Reproduction and distribution of this publication in any form is forbidden unless prior written permission. All conclusions, recommendations and predictions in this document represent KuppingerCole´s initial view. Through gathering more information and performing deep analysis, positions presented in this document will be subject to refinements or even major changes. KuppingerCole disclaim all warranties as to the completeness, accuracy and/or adequacy of this information. Even if KuppingerCole research documents may discuss legal issues related to information security and technology, KuppingerCole do not provide any legal services or advice and its publications shall not be used as such. KuppingerCole shall have no liability for errors or inadequacies in the information contained in this document. Any opinion expressed may be subject to change without notice. All product and company names are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.

KuppingerCole Analysts support IT professionals with outstanding expertise in defining IT strategies and in relevant decision-making processes. As a leading analyst ompany, KuppingerCole provides first-hand vendor-neutral information. Our services allow you to feel comfortable and secure in taking decisions essential to your business.

KuppingerCole, founded in 2004, is a global, independent analyst organization headquartered in Europe. We specialize in providing vendor-neutral advice, expertise, thought leadership, and practical relevance in Cybersecurity, Digital Identity & IAM (Identity and Access Management), Cloud Risk and Security, and Artificial Intelligence, as well as for all technologies fostering Digital Transformation. We support companies, corporate users, integrators and software manufacturers in meeting both tactical and strategic challenges and make better decisions for the success of their business. Maintaining a balance between immediate implementation and long-term viability is at the heart of our philosophy.

For further information, please contact clients@kuppingercole.com.