create_user
Create User
Create a new user in the OneLogin directory. At minimum, an email or username is required. Optionally set name, department, title, phone, status, group, roles, and custom attributes.
create_user
Create a new user in the OneLogin directory. At minimum, an email or username is required. Optionally set name, department, title, phone, status, group, roles, and custom attributes.
list_apps
List SSO-connected applications in OneLogin. Filter by name (wildcards supported), connector ID, or authentication method. Returns app metadata including auth method, visibility, and timestamps.
update_user
Update an existing user's profile in OneLogin. Supports updating name, email, username, department, title, phone, status, state, group, roles, manager, and custom attributes. Only provided fields will be updated.
get_mfa_factors
Retrieve MFA information for a user including both available (unenrolled) factors and enrolled devices. Provides a complete view of a user's multi-factor authentication status.
manage_user_roles
Assign or remove roles from a OneLogin user. Roles control which applications a user can access. You can assign multiple roles at once or remove specific roles.
verify_mfa_factor
Verify an MFA factor enrollment by submitting the OTP code. Use this after enrolling a factor to complete the registration. For push-based factors like OneLogin Protect and Voice, use the poll option to check completion status.
get_app
Retrieve detailed information about a specific OneLogin application by its ID. Returns full configuration including SSO settings, provisioning config, parameters, and role associations.
list_events
Query historical events from your OneLogin account for audit logging, compliance, and reporting. Filter by event type, user, date range, and other attributes. Returns events with actor, target, app, and risk information.
manage_app
Create, update, or delete an SSO-connected application in OneLogin. When creating, a connector ID and name are required. When updating, provide the app ID and any fields to change. When deleting, provide the app ID.
list_users
Search and list users in the OneLogin directory. Supports filtering by name, email, username, directory, external ID, app, and date ranges. Use wildcards (*) in filter values for partial matching.
list_roles
List roles in OneLogin. Roles control user access to applications. Filter by name, app ID, or app name. Optionally include associated apps, users, and admins.
enroll_mfa_factor
Enroll a new MFA factor for a OneLogin user. Supports SMS, Email, Voice, Google Authenticator, OneLogin Protect, and other TOTP authenticators. After enrollment, use the registration ID to verify the factor with an OTP code.
manage_role
Create, update, or delete a role in OneLogin. Roles control which applications users have access to. When creating, provide a name and optionally associate apps, users, and admins. When updating, provide the role ID and fields to change. When deleting, provide the role ID and set action to "delete".
get_user
Retrieve detailed information about a specific OneLogin user by their ID. Returns the full user profile including name, email, status, roles, group, custom attributes, and activity timestamps.
get_event_types
Retrieve all available event types from OneLogin. Each event type has an ID, name, and description. Use these IDs to filter events when querying the events API. Results should be cached as this endpoint is rate-limited.
delete_user
Permanently delete a user from the OneLogin directory. This action cannot be undone.
list_groups
List all groups in OneLogin. Groups function as security boundaries to apply specific security policies to sets of users.
Manage identity and access management (IAM) for organizations. Create, read, update, and delete users, roles, and groups. Configure and manage SSO-connected applications. Enroll and verify multi-factor authentication (MFA) factors including SMS, email, and authenticator apps. Authenticate users programmatically and generate session tokens. Set up authorization servers with custom scopes and claims. Configure Smart Hooks for custom pre-authentication and user migration logic. Query historical events for audit logging and compliance. Automate user provisioning via SCIM to third-party applications. Sync users from external directories like Active Directory and LDAP. Receive near real-time event webhooks for authentication, user lifecycle, app access, MFA, and provisioning activities.
Common questions about connecting Onelogin to AI agents with Metorial.