What is SecureAuth - Features, Pricing, Pros and Cons (2025)

Updated on
June 24, 2025
10 mins
read
Aditya Santhanam
Founder and CTO, Infisign
Contents
Neque porro

Key Takeaways

SecureAuth is a long-time leader in the Identity and Access Management (IAM) market. 

The software allows users to log in without a password. It uses constant checks to confirm a user's identity. This is made possible by an advanced IAM system for mixed IT setups.

It also has an AI risk engine. This engine helps with security for both the workforce (IAM) and for customers (CIAM).

Pros:
  • A Strong and Flexible Product: People who write reviews on SecureAuth praise the aspect. They like its many options. They also like the ways it can be set up for adaptive sign-ins and MFA. The tech is seen as solid. It can secure many types of apps.
  • Good User Experience: The system is made for ease of use. G2 reviewers point to the great user experience. They also note the comfy and flexible user screens.
  • Strong Support for Mixed Setups: A key plus is that it can be used on-site, in the cloud, or in a mix of both. This makes it a good fit for large firms with older systems.
  • Good Tech Support: Many users report good things about the tech support and pro service teams. They say the teams are polite, pro, skilled, and quick to reply.
Cons:
  • Poor Post-Sale Business Methods: The biggest complaint in user reviews is about poor business methods. This is very true for new contracts and licenses. Users warn of surprise claims of license over-use from past deals.
  • Complex for Admins: The admin tool is powerful. But it is often called clunky and odd. It is also seen as hard to set up and fix. The high number of settings means there is a lot to learn.
  • Hard to Set Up: For setups that are not standard, the installation process is often called rough. This can call for a lot of tech skills and resources to manage well.
  • Slower Innovation: Some users feel SecureAuth lacks new ideas when compared to market leaders. They feel other firms have more features. This suggests a view of slower growth.

What is SecureAuth?

SecureAuth came to the market with a new way to manage access. At the time, many firms had to use separate tools for sign-ins and Single Sign-On (SSO). SecureAuth gave them one tool, an all-in-one Identity Provider (IdP). 

This single system joins 2-Factor Authentication (2FA) with strong SSO functions. The design was meant to lower the cost, work, and risk of the old multi-tool model. 

This software lets a firm use its Active Directory or LDAP. It does not ask for a full replacement. This is a key reason for its appeal to its target market of large, mixed-system businesses.

SecureAuth Pricing

SecureAuth's pricing is not simple or public. Any new buyer should review it with care. The final cost can vary a great deal. It seems to be based on a mix of things. These include the sales path, the features needed, the number of users, and the use case, such as for workers or for customers. This method points to a "value-based" plan. The final price can be negotiated and is shaped for each customer's needs.

There are a few pricing models on show:

Per-User, Per-Month Tiers 

  • This model is shown on PCMag. It gives a clear entry point. The Secure Plan starts at $1 per user each month. It gives basic MFA and up to five SAML apps.
  • The Protect Plan is $3 per user each month. It adds unlimited SSO and adaptive sign-ins.
  • The top Prevent Plan costs $6 per user each month. It adds new features like biometric MFA and risk-based blocks.

Marketplace and Custom Pricing: 

The AWS Marketplace shows very different prices for large-scale plans. 

  • The SA Workforce Identity plan is listed at $120,000 per year for 500 inside users. This works out to a much higher $20 per user each month.
  • The SA Customer Identity (CIAM) plan is $60,000 per year for 20,000 outside users. This is just $0.25 per user each month. It shows the different pricing for CIAM.
  • The Salesforce AppExchange lists a start price of $2 per user each month, with discounts for more users.

This big gap in pricing is a key point. It links to user complaints on Gartner about surprise license fees.

SecureAuth Use and Interface

Features like one-tap push notices help users do more work. Smooth logins that do not use passwords and user self-help for tasks like password resets also lead to good user notes. 

  • In sharp contrast, the admin's task is much more complex. The system is no doubt powerful. It has a huge number of settings. It has deep menus for managing all parts of the system, from RADIUS servers to non-stop session checks.
  • This power, however, comes with a high cost in complexity. Pro IT staff on Gartner often call the admin screens clunky and odd.
  • Some reviewers also note that special changes can mean working right on the database. This is a big work hurdle.
  • Admins need to go back to an old, less clear screen for key settings. This shows that a user must learn a lot to use the system's full power.

SecureAuth's Key Features

1. Advanced Sign-in and Authorization

At the core of the SecureAuth system is an advanced, AI-driven risk engine. It is made to allow for very adaptive and context-aware sign-in choices. This system moves past rule-based sign-ins. It uses machine learning to check thousands of user signals at each step. 

Over time, it learns what is normal for each person. It then gives them a risk score. This score is shaped by a wide range of factors, such as:

  • Geo-location: The power to challenge or block access from certain nations or unapproved areas.
  • IP Address Trust: It uses third-party threat data to find and block links from known bad IP addresses. An example is one tied to a botnet.
  • Geo-velocity: This feature spots "impossible travel" cases. For example, a user logs in from North America and then tries to log in from Europe a few minutes later.
  • Device Data: The system checks device-specific traits to find changes from a user's normal hardware.
  • User and Group Roles: Security rules can be applied in different ways. This can be based on a user's role or group in the firm's main list of users.

Based on the risk score, the system can ask for one more sign-in factor. It can also allow low-risk access or block the try all at once.

2. Adaptive MFA and Passwordless Options

SecureAuth has one of the widest ranges of Multi-Factor Authentication (MFA) options in the whole field. It presents nearly 30 separate sign-in methods. This huge choice gives firms top flexibility. It lets them shape sign-in flows to fit any use case or user group.

Types of Sign-ins in SecureAuth:

  • Push Notices: This covers normal mobile push notices ("Push-to-Accept"). It also includes a Symbol-to-Accept method. Here, a user must match a symbol on their login screen to one on their mobile phone for more safety.
  • One-Time Passcodes (OTPs): The system backs OTPs sent by SMS, phone calls, and email. It also works with standard time-based (TOTP) and HMAC-based (HOTP) code apps.
  • Biometrics: Users can use the built-in biometric functions of their mobile phones. An example is a fingerprint or face scan to sign in.

Also, the Arculix Device Trust tool extends these functions. It gives a true password-free mode for desktops.

SecureAuth lets users sign in to their Windows and Mac work machines. They can use the Arculix Mobile app or FIDO2 security keys like YubiKey. They can also use RFID badges or offline codes for when there is no web link.

3. Federation and Protocol Support

The SecureAuth system is built on a standards-based frame. This makes sure it works with most modern enterprise IT systems.

It gives strong support for all major federation protocols. These are key for using Single Sign-On (SSO) across thousands of on-site, cloud, and in-house apps. 

Key protocols are:

  • SAML (Security Assertion Markup Language)
  • WS-Federation
  • OAuth 2.0
  • OpenID Connect (OIDC)
  • The system is able to act as both an Identity Provider (IdP), which checks users, and a Service Provider (SP), which uses identity data from other IdPs.
  • One of its unique and strong functions is the Transformation Engine. This feature gives admins the power to change user traits and claims on the fly during the SAML process. 

This allows the system to handle complex linkups. It can also meet the needs of various apps without changing the main user list. This is a big plus in large, complex setups.

4. Non-stop Sign-in and Biometric Checks

A top-tier function in the SecureAuth line is non-stop sign-in. This tech came from the purchase of SessionGuardian in late 2024. This feature is made to improve security. It extends safety past the first point of login. 

  • It deals with the key weakness that comes up after a user has logged in. At this point, a session could be taken over or used in a bad way. Using new methods like non-stop face scans, the system can watch and guard user sessions in real-time.
  • If the right user steps away from their machine or if a new person shows up, the system can act at once to lock the session.
  • This tech is very key for guarding secret data. It is also key for securing remote and third-party users, who often work in less-watched spaces. 

SecureAuth Reviews and Ratings

How the market sees SecureAuth is drawn from major software review sites. The view is mixed and shows a clear split.

  • On Gartner Peer Insights, SecureAuth holds a 3.9 out of 5-star score from 100 ratings. 82% of reviewers would suggest the product. Good themes are the strong and flexible product and the skilled and quick support teams.
  • But this is balanced by sharp words on poor post-sale customer care and business methods, mainly with licenses. Other key themes are hard installs for complex setups and a clunky, odd admin screen.
  • On G2, SecureAuth's Workforce IAM tool has a higher score of 4.4 out of 5 stars. This is from a smaller group of 29 reviews. Good feedback here is on the great end-user experience and the system's solid tech.
  • The main complaint on G2 is a view that SecureAuth has a slower pace of new ideas when compared to market leaders. 

Overall View of SecureAuth

SecureAuth is a veteran IAM seller. It has managed a big corporate change. It has emerged as a seller of modern, high-tech identity security solutions.

SecureAuth is a "hybrid-native" tool in a cloud-first world. This is true with its strong AI-driven adaptive sign-in engine. SecureAuth also has wide support for a huge range of sign-in methods and federation protocols.

It has a user screen that is often called clunky and not easy to grasp. The installation process for non-standard setups is often said to be hard and needs a lot of resources.

Most of all, there are serious and repeated user worries on trusted peer review sites. These are about the firm's post-sale business methods, mainly with new contracts and license rules. 

Infisign: The Best SecureAuth Alternative

In terms of software that matches SecureAuth’s hybrid-native style and AI-driven constant sign-in, Infisign is a top choice.

It has both IAM and CIAM tools (Infisign Workforce Identity and Infisign UniFed). It secures sign-ins with an easy-to-use SSO. This SSO works on old or web-based apps. Most software limits this to only SAML.

More to the point, it also comes with AI access help, auto-provisioning, and auto-audit trails. These features make it an AI-driven identity tool a good fit for both enterprises and small firms.

Here’s a breakdown of Infisign’s main features:

  • 6000+ API + SDK Integrations: Broad, quick links across your whole tech stack, from new SaaS to old apps. This uses SAML, OIDC, and OAuth protocols as well.
  • Universal SSO: Gives one-click access to all apps. This makes the user experience simple and keeps security in one place.
  • Managed Password Web Sign-in: It safely extends SSO ease to older, password-based, and legacy apps. These apps lack modern SAML, OIDC, or OAuth protocol support.
  • Network Access Gateway: It allows safe remote access to on-site and old apps. This does not need a standard VPN.
  • Adaptive MFA + Conditional Access: It adjusts security based on real-time risk. It gives strong safety with different types of sign-ins.
  • AI Access Assist: It speeds up IT tasks. It lets managers approve or deny user access at once through bots in Slack or Teams.
  • Attribute-Based Access Control: It has very fine-grained control. This makes sure users can only access the data they need for their role. Add and remove hundreds of users in minutes.
  • Impersonation: Infisign’s CIAM lets users have authorized admin access. This access can be turned on by the support team. It gives tenants and clients temp access to admin accounts in urgent cases.
  • Just in Time Access: It lowers risk. It does this by giving temporary permissions to key systems only when needed. These permissions are revoked on their own.

Want to see Infisign in action? Reach out for a free trial!

FAQs about SecureAuth

What is SecureAuth's core strength?

SecureAuth's main strength is its special mix of features. It has a strong, very flexible sign-in system. It also has deep, native support for complex, mixed IT setups. This makes it a "hybrid-native" tool. It can secure both modern cloud services and old on-site apps from one single system. This power to serve firms that cannot leave their old systems is a key point of difference when compared to many cloud-native rivals.

Who is the ideal customer for SecureAuth?

The ideal customer for the SecureAuth Identity Platform is a large, tech-mature firm. This firm would likely be in a field with many rules, like finance, health, or government. This business would have a complex, mixed IT setup. This would include a notable mix of on-site systems along with modern cloud services. Most of all, this business must have the needed in-house tech skill. Or, it must have a very skilled setup partner to manage the deployment and daily running of a complex and strong security system.

What are the main complaints about SecureAuth?

The biggest and most cited complaints about SecureAuth fall into three main groups. First is the admin complexity of the system. Its user screen is often called clunky and odd. Second, installs in non-standard or highly custom setups are said to be hard and need many resources. Third, and most of all, are serious and repeated worries about the firm's post-sale business methods. These are mainly about hard new contracts and surprise license fees.

What is the difference between SecureAuth IdP and Arculix?

SecureAuth IdP and Arculix are the two main parts of the firm's product line. They show its tech growth. SecureAuth IdP is the first all-in-one system. It joins SSO and a wide range of MFA methods. It is still key for firms that need on-site or complex mixed deployments. Arculix™ is the firm's modern, main system. It shows the future of its tech stack. It was built from the joining of the Acceptto, Cloudentity, and SessionGuardian buys. 

Set up
Instant access with SSO in just 4 hours!

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Unify Legacy and Modern Apps With an IAM That Simplifies Access Control.

Get a Free Trial

Similar articles

5 minutes

Understanding API Development

Learn the basics of API development and best practices.

Enter the future of digital security.

Experience AI-enhanced IAM capabilities and better security.
Checkmark
Reusable identity
Checkmark
Zero-Knowledge Proofs
Checkmark
Zero Trust practices
Checkmark
AI Agents
Get a Free Trial
Book a Demo Call
Laden Sie Infisign Wallet herunter auf
Funktionen
Einmaliges AnmeldenPasswortlose AuthentifizierungZero-Trust-AuthentifizierungIdentität dezentralisierenMehrstufige AuthentifizierungVerwaltung privilegierter Zugriffe
Produkte
Infisign IAM SuiteEinheitliches SSOInfisign SSO
Wissensbasis
About Us
Resources
BlogCompetitor Reviews
Competitors
Infisign vs OktaInfisign vs LastpassInfisign vs Red HatInfisign vs Azure ADInfisign vs Cyberark
Treten Sie unserer Mailingliste bei
Danke! Deine Einreichung ist eingegangen!
Hoppla! Beim Absenden des Formulars ist etwas schief gelaufen.
+1 (862) 386 8165
22 Henry Road, Branchburg, New Jersey 08876
demos@infisign.io
© 2024 von Infisign. Alle Rechte vorbehalten.
Datenschutzrichtlinie
Nutzungsbedingungen
Nutzungsbedingungen
Vertrauen