One Identity Manager Reviews

We use One Identity to integrate our internal and external applications into SSO.

One Identity's biggest benefit is application integration. The solution allows us to apply the same governance coverage to all environments. It helps consolidate procurement. One Identity streamlines application access decisions. It allows the application team to choose the protocol the application will use. We can automate access control with One Identity, saving us time and money. The automation gives us a few errors, but it's manageable. 

One Identity's interface is pretty good. It's user-friendly, and you can access most applications inside the console. The user experience is solid. You can use One Identity if you are a layman without much technical experience. You might need a little more training with admin access, but it's easy to learn. 

The identity governance components have some room for improvement, particularly the ability to terminate an employee's ID after leaving the company. Customization can be difficult because One Identity uses specified attributes that we must use.

We have used One Identity Manager.

I rate One Identity Manager eight out of 10 for stability.

I rate One Identity support seven out of 10. 

Oracle Access Manager is comparable to One Identity. It's a good product.

Deploying One Identity Manager took around half an hour. Three or four people were involved on our side, and the application team required our product manager and change manager. One Identity requires annual maintenance depending on the customer's requirements, and the number of people devoted to maintenance depends on your environment's size. 

I estimate that the return on investment is around 40-50 percent. 

One Identity Manager isn't the best solution on the market, but it's cost-effective.

I rate One Identity Manager seven out of 10. I would recommend One Identity to a small company. It requires minimum support because it's user-friendly, but you may need something more secure for a large-scale deployment. 

We use the solution for the management of identity and access identity, mostly for our employees.

It really helps in application access decisions, application compliance, and application auditing. That is what we mainly use it for: to have governance and compliance.

The solution has helped application owners make application governance decisions without IT. That's how we configured it. That has been a positive effect.

There are a lot of valuable features, including connectors, attestations, and workflow.

For the governance of users, data, and privileged accounts, it's really strong. It's really good, a 10 out of 10.

We also make use of its business roles to map company structures for dynamic application provisioning. That aspect is super important.

It has problems with performance. This is a very serious issue for us. Other than that, it's really capable. The performance is what is missing. It's really poor.

A second problem is the visibility in the search functionality. You don't have flexible search capabilities when you look for either roles or users. You cannot use multiple attributes. The search fields are very limited and that definitely needs improvement.

Also, the interface is really old. From that perspective, it's a six out of 10.

Another issue is that it is really difficult to customize it to our needs. If "10" is super-difficult, I would rate the customization at eight. When it comes to the options, it is super flexible. From that perspective, it is really strong.

I have been using One Identity Manager for almost two years.

It's a stable solution.

So far, it has been scalable when it comes to connecting new systems. When it comes to the performance of the tool, as I mentioned, if you want to have multiple users using it at the same time, it really lacks scalability.

We currently have around 60,000 users of the solution.

I believe we use Premier Support. To be perfectly honest, we were not very happy about Premier Support, and it was escalated.

The answer we usually get is that something will be fixed in the next release, or the release after that. Sometimes they help, but most of the problems are not solved.

Neutral

We had a previous solution, RSA, previously known as Aveksa, but it was not scalable enough for our needs, and it had internal bugs and problems.

We upgraded to One Identity mainly for the connectors. Because of the performance, we're struggling a little bit with One Identity. Other than that, it gives us what we need.

Taking into account our requirements, the deployment had to be complex because we're a complex organization. In general, we have one central solution that is delivered to the entire organization. We operate in a tenant model where particular entities can manage their scopes of applications and roles.

We were super-fast in the deployment. It took us about one and a half years. But we migrated the previous solution into One Identity, so we had already built most of the structures. We also had the connectors and definitions.

We had 10 to 14 people involved.

There is a lot of maintenance, including patching, upgrading versions, implementing improvements, and building new functionalities. It includes the whole life cycle.

I don't have access to how much we pay for licenses. That usually depends on how the company negotiates. But I believe the pricing is fair.

We recently started connecting One Identity Manager to SAP. I'm not an expert on SAP, but it's not the main system that we're interested in. One Identity Manager connects SAP accounts to employees' identities under governance, but it's just in one of the countries where we operate, and it's not even the biggest one that is using SAP. It's critical for them, but our entire company is not based on SAP.

If you configure One Identity Manager and use it properly, it helps minimize holes in data coverage for test, dev, and production servers. But it usually depends on the coverage.

In terms of Zero Trust, that requires a lot of more things, not only One Identity Manager, and we don't use other products from them.

The performance problems are a pain point, but if I compare it to not having the solution in place, it really has a positive impact. One Identity Manager really can help you, but compared to our previous process, because of the performance issues, it is actually a little down from what we had before.

Overall, I would definitely recommend One Identity Manager because we were struggling previously with our other solution, which was a little bit worse.

We utilize One Identity Manager to oversee all the identities within the company, and we are constructing workflows to enable self-service keys for compliance and access matters.

One Identity Manager is the optimal solution for creating a unified platform for enterprise-level user administration and governance.

One Identity Manager provides a unified platform for managing both data and privileged accounts. We receive alerts for privileged access and, based on specific criteria, we can determine whether the request is for an end-user account or a privileged account, and apply the appropriate permissions seamlessly.

The user experience and interactivity of One Identity Manager are straightforward for non-IT individuals to utilize.

Customizing One Identity Manager is easy to do.

The business roles of the solution that maps company structures for dynamic application provisioning are important because they help our organization fulfill the needs of any employee automatically, based on the structure. This provides users with immediate access, eliminating the need for human intervention.

The ability of One Identity Manager to extend governance to cloud applications is of great importance because cloud applications have become a new tool in our society. Whether we use private or public clouds, every company will eventually have to transition to the cloud. Therefore, it is crucial to be able to manage all our access within a single platform, which is the best approach. Hence, we obviously require a platform that can connect to the cloud and also handle compromised applications, making it transparent for business use.

One Identity Manager's ability to automate tasks that previously required human intervention has benefited our organization by freeing up the time of our IT department to concentrate on other tasks.

The solution helps us minimize gaps in governance coverage among test, development, and production servers because we can provide access through any environment within the system, freeing up time for our business.

The solution has helped us create a privileged governance stance to close the security gap between privileged users and standard users. We can now view all the accesses from a single interface, which enables us to be proactive in our compliance efforts. Without One Identity Manager, we would have to depend on multiple tools and reports, which can sometimes be delayed. By utilizing One Identity Manager, we can establish preventive rules to avoid any SOC problems or on-the-fly access. While certain access can be granted without risk, it is crucial to have a clear overview, of which One Identity Manager provides.

One Identity Manager helps streamline application access decisions for both permissions and licenses. Using a web designer, we have designed routines that allow us to create disclaimers or automated questions. Based on the user's responses, we can propose either a free license or a pro license, depending on the specific case. Additionally, we have implemented routines to uninstall and deactivate licenses when they are not in use. However, this is always a challenging task because we want to ensure that users do not waste time if they need the software again. The fact that we can easily request any application through an automated process is advantageous. Furthermore, canceling a license does not significantly impact the business since it can be reinstated within minutes if needed again after a few months of not being used.

Streamlining application compliance and application auditing is essential. The single pane of glass visibility helps us maintain compliance, and for application auditing, we can utilize all the reports provided by the IT team. Additionally, we can conduct our own audit reviews and collect evidence to ensure that the process is followed without relying solely on the IT team. This approach aligns with our automation mindset, which we aim to introduce.

One Identity Manager facilitates application owners or line of business managers in making application governance decisions without involving IT. We can provide them with a view where they can see the individuals who have worked on it, the process of their request, and the validating authority, all without needing to inquire from the site.

One Identity Manager has assisted us in achieving an identity-centric zero-trust model through the implementation of various processes.

One Identity Manager is flexible and offers numerous connectors that enable us to serve as the core component of the system, as well as to construct our own connectors using the API.

One Identity Manager can be made more user-friendly for end users. Out of the box, it can be difficult to navigate through the drop-down menu, especially when it comes to accessing the subcategories.

I have been using One Identity Manager for four years: two years as an integrator and two years as a user.

One Identity Manager is stable.

I give the scalability of One Identity Manager a ten out of ten. We are able to scale no matter what. It's completely compatible with the S5 and can achieve load balancing on web servers. It can be integrated into a single database or a cluster for scalability. I can confidently say that if my company were to triple in size tomorrow, it could handle that. I don't have to install what I don't see. I just need to make some improvements to the database and convert it into a web server that will be accessible to users.

If we experience a major incident in production, we can expect to receive a response within one hour. We find solace in knowing that any significant problems will be promptly addressed.

Positive

We had previously worked with Evidian Identity Governance and Administration, among others, but none of them provided all the features in a single solution, unlike One Identity Manager.

The initial setup is complex. Every identity solution is complex because the most important thing is not really linked to the project. It's linked to the analysis we have made before, and then our solution is not linked to the project. Every time, I think that whenever we have to put the analysis management solution in place, it will be complex because we have to take care of the processes that are already in place and also what is happening in the same tool. We have to consider all the existing processes and challenge them to make them better. Many times, some processes are difficult because we couldn't execute them perfectly with the previous solution. So we have to be able to identify if the process is in place like this because of the previous solution that doesn't handle every aspect easily, or if it needs to be redone. The deployment took one year to complete.

We had two individuals from the integrator and two internal employees dedicated full-time to the deployment.

The implementation was completed by our integration partner who provided us with an excellent expert from their team, even though the solution required additional personnel capable of integrating everything within one year. Overall, the experience was positive.

I give One Identity Manager a nine out of ten. This is a solution I want to work with because it brings satisfaction to our users.

We have a complex environment with over 50 locations, various departments, and multiple companies, each with hundreds of distinct functions.

We have two individuals responsible for maintenance, updates, and access to integrators who can provide assistance if necessary. We have around 5,000 end users.

I recommend that organizations wishing to utilize One Identity Manager should first provide internal training for their employees. This approach will enable them to develop their own understanding of the company and reduce dependence on external integrators.

We are utilizing One Identity Manager as a provisioning engine. The main use case for us is to manage the identity life cycle of enterprise users in our context.

In my current role where I am managing this overall program, not only from the administration aspect but as the one whom all other departments reach out to with their request, one clear benefit is delegation. One aspect that I like about this solution is delegation. We have delegated administration in a way that we have access to new campaigns configured. This solution has a prebuilt option where we can configure campaign managers, and those campaign managers have a very nice prebuilt dashboard where they can monitor the campaign itself. That is very helpful. We can give these department's folks access.

Our identity landscape is very customized and unique. We are not only providing access for different users; we also have a huge set of non-human identities. We have a huge set of provisioned and service accounts. In our previous legacy solution, the issue that we were facing was that the solution was not very robust. We could not come up with some self-governed scenarios, such as moving the ownership of non-human identities, moving the ownership of service accounts based on the change in the managerial hierarchy, or based on users' movements within the organization. With One Identity, there are very good features that come prebuilt. For example, the department hierarchy within the One Identity solution helped us to build some automated logic, which was missing in the legacy solution. Other than the self-service features, there is also the ability to use ready-made capabilities and scale up on top of it. That was another reason to go for this solution at that time.

We make use of the solution’s business roles to map company structures for dynamic application provisioning. We use it quite heavily. In our context, we have two types of roles. We are using more of the requestable roles, not dynamic roles, and we also have dynamic role-based access control configured as per our organization hierarchy. We have defined entitlements and accesses that each department leverages. Accordingly, we have defined roles in our system.

The capabilities of this solution, in terms of out-of-the-box features and the ability for us to do customization on top of it, have helped us to come up with some automated processes, which were earlier taken care of manually by our staff. Whenever human intervention is involved, it is prone to error. It has helped us to bridge those gaps, which ultimately enhanced our governance score.

It has overall helped us to create a privileged governance stance to close the security gap between privileged users and standard users. With the processes that we had earlier, there were gaps in terms of changing the ownerships of privileged accounts and managing them in a way to have notifications in place. The majority of the stuff is provided out of the box to manage privileged accesses. Also, if you are a One Identity shop and have the Privileged Access Management product from One Identity, you are covered 100% out of the box. You do not have to do any customizations. If you are using any other tools for privileged access management, the product has very good features, which you can scale up and customize in your own context.

It has helped enable application owners or line-of-business managers to make application governance decisions without IT, but we are not using it that extensively for that. In terms of the product having features to do it, it has the features because we are using business roles where we have defined owners of business roles. Product-wise, there is out-of-the-box functionality for business owners to manage the membership. In this way, those lines of business owners are empowered to either revoke access or conduct a review on it. Earlier, with the legacy product, they were not able to do that because there was no such functionality.

In terms of user experience, once you get an understanding of the overall working of the product, it is not that difficult. There are so many underlying components within the product, and they are interlinked and working together. The initial impression is that it is just way too complicated for any developer to customize, but once you get familiar with how it is processing the information and how each box is working in silos, and what is the linkage in between, it makes sense. On a scale of ten, I would give it a seven. Three points to spare are for One Identity to enhance its documentation and maybe come up with more. They have a very good YouTube channel where they post content about One Identity. That is very helpful. However, in terms of explaining to new developers, there is room for improvement.

It has a lot of depth. It has advanced features. As a customer or as someone who is managing the solution, I like its self-service capabilities where it has lots of powers, and the users can select any reference users. The majority of the time, we face an issue where new joiners are not aware of what they need to have in order for them to do their job. One Identity has the answer where they can know this by selecting any reference users, which are basically their colleagues. This way, they can quickly know what sort of access they have in the system, and they can raise the same. The system will automatically identify it for them. It saves a lot of time and is also a very useful feature.

Another valuable aspect is the depth of the product. It allows the support team to reroute certain requests to different people, and within their request flow itself, you can ask questions. All these features are very helpful in our context.

There is room for improvement in terms of the ease of adding custom forms to onboard contingent workers. IT Shop is a great tool, specifically in terms of the self-service mechanism where it allows users to request different accesses. However, there are no prebuilt or easily customizable forms that developers can use to create onboarding forms for contingent workers. In most organizations, contingent workers do not have any authoritative source as HR. The majority of the time, the only authoritative source is the Identity Manager or the Identity Management department itself. I would love to see any enhancement in this regard. For user experience and intuitiveness, on a scale of ten, I would rate it an eight out of ten.

There is no out-of-the-box or very easy way to configure processes to manage non-human accounts. The functionalities that we have built are totally customized on top of what One Identity provided out of the box. It would have been nice to see some out-of-the-box or plug-and-play features available for it. However, the functionality was there, and we were able to scale up in terms of customization. Whatever we did was totally customized.

There should be some ready-to-use templates or utilities as the other Identity product providers have. There should be some sort of features that you can enable or there should be utilities that you can even purchase at extra cost. For example, it would be nice to see the utilities to manage privileged accounts or forms, onboarding forms, or other small things that different clients can leverage, even if it comes at a fraction of the cost.

The overall documentation needs improvement. This product has a lot of features, but people are not aware of it. The depth itself is still unknown.

Skilled resources are very difficult to find for One Identity, which leads us to the conclusion that there is very little certification or free information that users can just opt for and learn. In addition to the documentation, they should also provide more resources. Free training for partners would be nice because being a manager, it is very hard for me to locate skilled resources for this tool.

I have been using this solution for a total of five years. I have worked with it for three years in a technical role and for two years in a managerial role where I am managing people who are directly and technically managing the solution.

It is very stable. We do not need to do anything even with patching. I would rate it a nine out of ten for stability.

I would rate it a seven out of ten for scalability because I feel that the architecture of the product is such that you cannot have very effective active-to-active integration between the job servers.

For critical issues, it is good because you can call them, but for the regular issues, I feel that there is a lack of skilled resources on their side.

Neutral

We had another solution from a different vendor, and we replaced that solution with One Identity. We switched because of the self-service capabilities and advanced governance features, which were missing in the earlier solution.

Onboarding from authoritative sources and onboarding directly to One Identity Manager for contingent workers was never an issue for us, even with the legacy solution that we had earlier. The main use case for which we mainly deployed One Identity Manager and replaced the legacy solution was the self-service capabilities. There were limited self-service capabilities in the legacy solution. So, we brought this solution, which complemented the automated provisioning of users in a way that not only the solution is capable of automatically provisioning accesses based upon the policies and templates that we define in our system, but it also has very good features where it allows the end users to do many tasks by themselves. There is a self-service portal, which is called IT Shop in One Identity's terminology.

In terms of consolidation of procurement and licensing, we have not used any other solutions in such depth or so extensively. We still have one use case, which we had with the previous product as well, where we have all Oracle E-Business Suite accesses published on our self-service. The same flows are valid with One Identity as well. However, they are managing the POs and other things. That is still with the ERP itself. We have not gone to the extent of taking responsibility for the functionality of each responsibility within our identity management.

It is deployed on-prem. Our project was not just a deployment. It was also replacing the legacy solution. It was quite a unique and complex project. It took us around eight months to complete it fully because we not only deployed it, we also replaced the whole solution, and we had many integrations in place.

It requires maintenance in terms of product upgrades and security patching. In terms of One Identity upgrades, every two years, we have to upgrade because the previous version is not supported. The other thing for every organization is infrastructure vulnerability patching, so it does require maintenance.

The team that performed the deployment and did the migration had three people: two technical and one architect. The team that is currently managing includes one administrator, one architect, and one developer.

It is cost-efficient compared to its competitors. It is cost-effective. I do not know about the other regions, but here in the Middle East, the competitors are almost double the price.

I would recommend One Identity Manager in terms of value for money, but I would not recommend it in terms of skilled resources. If One Identity increases education, then it is a very good value product.

In terms of the extension of governance to cloud apps, we do have such a mechanism, but we are not directly connecting with any cloud apps. We follow our process. We do it through a proxy or some sort of data power or middleware tool. So, we do have some integration with cloud apps, but we have not used the new feature. I suppose they now have out-of-the-box connectors to connect with cloud apps, but we are not using that feature as of now because it requires a separate license. Unfortunately, we have a short budget on that ground. However, from what I heard from my developers, it is a very nice feature, and it is easy to connect, but we do not have the use case to validate.

Overall, I would rate One Identity Manager an eight out of ten.

We use One Identity Manager to synchronize SAP inbound and outbound Exchange data. More generally, we aim to synchronize data between target systems, such as those used in banking or other companies, and One Identity Manager.

One Identity Manager includes a default SAP connector that we utilize. Its simplicity is evident in connecting to SAP sites through a straightforward click or by completing a connection filtering form. We can easily establish mapping and workflow for SAP sites, making it a streamlined process. While exceptions may exist for specific customers, we can accommodate their needs by customizing workflow mappings based on their requests. Overall, the SAP connector provided by One Identity Manager is remarkably user-friendly and accessible to all, in my opinion.

We've used the web designer module, but it won't be available next year. One Identity has transitioned from web designer to Angular web development, offering complete freedom to create custom web pages and websites. While Angular requires JavaScript knowledge, it provides unrestricted development capabilities, unlike the complex web designer module. New employees struggled with learning web design, but Angular's accessibility empowers developers to modify everything within the One Identity website and backend, including database interactions and custom code development. This flexibility makes One Identity Manager a powerful tool for connecting various systems and databases.

Business roles are crucial for our customers because they are an essential identity management tool. Without them, we'd need to manually authorize every employee and group. However, Business roles allow us to create and assign business roles automatically. This is vital for our customers as we develop best practices for business workflows. A key component is creating business websites, for which we establish job descriptions and roles. Subsequently, we automate role assignments based on organization or title, which significantly streamlines our processes.

One Identity Manager is user-friendly for the end user.

One Identity Manager significantly simplifies application auditing. The auditing site we use extensively is one of its most valuable features. One Identity Manager is remarkably effective for auditing because it empowers us to create and deliver new attestation or compliance tools. We can generate all these audits through both the website and Manager modules. The audit screen on the website is exceptionally user-friendly. Customers consistently praise the audit feature, and we have received no complaints about the auditing site. We are highly satisfied with using the audit site for One Identity Manager.

One Identity Manager's most valuable asset is the ability to customize its front-end website.

The One Identity Manager documentation could be improved. Despite using the solution for six years, I encounter difficulties understanding certain features due to unclear explanations in the documentation. Additionally, while the One Identity Manager community has the potential to be a valuable resource, the community site does not effectively assist all users.

The report site could be improved because while One Identity Manager offers around forty default reports, our customers find them insufficient for their needs. Consequently, we must create custom reports to meet their specific requirements. Although building custom reports within One Identity Manager is straightforward, enhancing the existing default reports would greatly benefit our users.

I have been using One Identity Manager for six years.

I would rate the stability of One Identity Manager nine out of ten. While all software products are prone to errors or bugs, I have encountered none, specifically in version nine. Compared to previous versions like eight and seven, which did experience issues that required resolution, version nine represents a significant improvement in stability and reliability, making it the best version of One Identity Manager thus far.

One Identity Manager is well-suited for large-scale environments, making it an ideal solution for enterprise clients.

We use Premier Support from One Identity Manager. They respond quickly to our tickets, and our customers are extremely happy with the support.

Positive

The deployment is straightforward and takes a week to complete.

Prices in Turkey are high due to inflation, a challenge we've heard about from our customers. We understand that European consumers may have different expectations, but we must reduce the pricing to attract customers.

I would rate One Identity Manager nine out of ten.

Generally, we don't utilize a governance site but instead rely on an identity management site. Initially, our customers define the SAP architecture or structure, outlining user roles that must be created and associated with specific rules. We then establish the SAP site's structure and architecture, focusing on user management before addressing roles. Subsequently, we incorporate the business side to enable dynamic role calculation for users by creating business rules for role management and assigning roles to users.

I highly recommend One Identity Manager to others. Its ability to develop everything within a single platform is incredibly valuable for customers. Many other products or software often encounter challenges or require custom development, but One Identity Manager offers a comprehensive solution. Its simplicity and customization options make it a standout choice. While I haven't used other identity management products extensively, I am familiar with some features of competitors like SailPoint. However, One Identity Manager's flexibility allows for modifications to accommodate specific needs, unlike some out-of-the-box alternatives.

We obtained tickets for user access roles to grant appropriate access to specific target systems. To process these tickets, we need to determine the user queue number, search for the corresponding user in One Identity Manager, and verify their target roles. The process includes understanding how to resolve each ticket.

One Identity Manager provides a single platform for enterprise level administration and the governance of users.

Immediately after deployment, we can reap the benefits of One Identity Manager. Based on my previous experience resolving similar tickets, I am confident that users will receive the desired access to roles upon completing the necessary configurations within the manager and observing the job queue.

One Identity Manager's user interface can be confusing due to its multiple UIs. Having worked with ForgeRock Identity Access Management, which has only two UIs for access and identity management, I believe One Identity's interface is significantly more complex and challenging to navigate compared to ForgeRock or other similar tools.

I have been using One Identity Manager for almost eight months.

It lags. Due to configuration issues, the system requires eight to ten GB of RAM, ideally 16 GB, to function properly with One Identity. If the system has eight GB of RAM or less, the tool will experience lag during use, regardless of the task being performed.

I previously used ForgeRock Identity Access Management but have been asked to switch to One Identity Manager for a new project.

Deploying One Identity Manager proved challenging due to the extended time required to install all necessary tools and subsequently gain access. While deployment would be significantly easier with the documentation, the process is lengthy regardless of the system. Additionally, any system hosting the tool must have a minimum configuration of 16 gigabytes of RAM. It takes one day to fully deploy One Identity Manager.

I would rate One Identity Manager six out of ten because of the complicated UI and system configuration lagging issues.

One Identity Manager requires no maintenance; once deployed, it can be used for any required purpose and then closed. However, if deployed on a virtual machine or VMware environment, it must be accessed every one or two years to prevent deletion due to machine expiration.

I have implemented One Identity Manager in banking for research access and education for onboarding diverse users, managing identity lifecycles, and automating processes like account activation and provisioning. It is crucial for securing and streamlining identity management in both sectors.

One Identity Manager has enabled us to implement an Identity-centric zero-trust model, enhancing our access management system. This has strengthened security by granting users precise and necessary access, contributing to a more robust and secure environment for our company.

The most valuable feature of One Identity Manager for me is its Designer tool. This tool allows me to write custom code and provides flexibility to customize and adapt the system to meet specific business objectives.

There is some room for improvement with One Identity Manager. The Metamodel is not developer-friendly, and the web designer customization could be simplified. The report editor tool needs an update as its underlying technology is outdated. Additionally, a stronger community portal for quicker support responses would be beneficial.

I have been working with One Identity Manager for eight years.

I would rate the stability of One Identity Manager as a ten out of ten.

One Identity Manager is suitable for handling up to around five million records, but scalability becomes a challenge with larger datasets, such as over seven million people.

The biggest value of having premium tech support with One Identity Manager is the quick and efficient resolution of issues. However, there have been instances where the support response time could be improved. Overall, I would rate the support as a seven out of ten.

Neutral

The initial setup of One Identity Manager was not overly complex, and the documentation could be more user-friendly with additional visuals. We took the help of a consultant during deployment, involving five people. Maintenance is handled in-house as it is an on-premise solution.

One Identity Manager is affordable.

I appreciate that One Identity Manager is a suite with separate tools for managing and governing users, data, and privileged accounts. I find it beneficial that they have organized functionalities into distinct tools rather than consolidating everything into a single screen.

The user interface of One Identity Manager is intuitive for script writing and configuration, offering flexibility and a clear view of user attributes. However, the web application tool for end-user requests and the reporting tool is less user-friendly, especially for the web designer, which can be complex and not developer-friendly.

I use One Identity Manager to extend governance to cloud apps. This is crucial as cloud migration is widespread, and it is important to seamlessly onboard users and ensure governance on these cloud applications, aligning with the industry trend towards cloud adoption.

Using One Identity Manager, specifically the Safeguard tool, has helped me establish a privileged governance stance to bridge the gaps between privileged users and standard users. It provides a distinct solution for managing both types of users effectively.

One Identity Manager assists in streamlining application access decisions, ensuring application compliance, and conducting thorough application auditing.

One Identity Manager has empowered application owners and line-of-business managers to take charge of application governance decisions independently. The platform provides user-friendly tools, reducing the dependency on the IT team for these processes.

My advice to others is that before purchasing One Identity Manager, assess if it fits your use cases, especially considering the size of your user base. Ensure you have a skilled IT team for maintenance. Engage with the One Identity Manager team, conduct a proof of concept, and validate its suitability for your needs. Overall, I would rate One Identity Manager as a nine out of ten.

Its main purpose is identity management. It is an IGA tool. The organization where I am currently working is mainly using One Identity Manager for identity management and access control. We are also using it for various types of provisioning such as Azure AD, Exchange Online, or SAP account creations. When we talk about identity management, we also consider the various access recertifications. All those are being carried out as part of One Identity Manager.

It streamlines operations. Whatever you put in from an identity management perspective, access governance perspective, compliance perspective, or application perspective gets very easily streamlined. You can easily integrate multiple applications because it provides the inbuilt features or the default connectors. You do not have to know how cloud applications or other applications work. One Identity is doing everything. They provide custom connectors. You just get the details of a cloud application and then connect. One Identity by default will manage the things for you. They have inbuilt features, so you just have to study and implement them. In my last organization where I implemented One Identity, we integrated almost 12 SAP applications. It was easy. Once you define the framework, then implementation is very easy. Implementing multiple applications, managing users, and the entire JML lifecycle is streamlined.

We use One Identity Manager to help manage SAP. One Identity provides a connector for SAP. From an enterprise solution perspective, it can be implemented very safely. I have done multiple SAP implementations with One Identity. It provides all the inbuilt functions and everything related to SAP. It is a very good tool to implement SAP for an enterprise. If an employee has multiple SAP accounts or multiple SAP systems, One Identity provides a singular feature where you can have all the SAP accounts listed under an employee. From a management perspective, it can be easily managed. It is very good. It provides a unified view of all the accounts and various systems of SAP. Everything such as the SAP rules, groups, profiles, and access policies can be managed via One Identity, but I am not sure if workflows can also be managed.

One Identity is a complete and wholesome tool for managing any enterprise application. It provides a unified platform to manage everything. When you implement One Identity, you have all the features needed within an enterprise to manage various applications, such as SAP, Active Directory, Exchange Online, etc. From an enterprise perspective, it is wholesome and unified, and it supports everything. It supports the SaaS features, PaaS features, and cloud features.

We use business roles to map company structures for dynamic application provisioning. Normally, when any employee gets onboarded, they need access to certain company resources. You can assign any company resources to any business role, and you can assign that business role to an employee. That employee automatically gets access to the company resources. It is an important feature, and most organizations use the business roles part very frequently.

We are able to extend governance to cloud apps by using One Identity Manager.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers. For the test environment and the production environment, you have a streamlined approach. The process of transporting from dev to production with One Identity is very smooth. It also provides a transporter tool or feature. You can just pull out the production configurations and put them in a lower environment. It just makes it as similar as production. In that way, the difference in the environments can be minimized. The configurations can be made similar. You do not have to pull the relevant production data. You cannot put it in a lower environment. From this perspective, it streamlines the environment and fills the gap.

It streamlines the application access decisions, application compliance, and application auditing aspects of application governance. It provides various compliance-related features and auditing features. They are inbuilt and very helpful for compliance and audits.

It provides various views. Employees have their own portal for requesting roles or accessing their profiles to see what type of access they have. Similarly, owners have a unified view within the portal for multiple roles, groups, or any resources. They have separate views. They can easily manage things. The views are well segregated within One Identity. There is the product owner's view, the manager's view, the employee's view, and the system administrator's view. There is also the business role owner's view and the call center's owner's view. Everything is well segregated.

There are various tools available in the market. The best part of One Identity Manager is that it provides wholesome features. Most of the things required for identity management are given out of the box in One Identity Manager. You can just define your use cases, take this tool, and right away implement the solution. The default features and the default setup are already embedded or built into One Identity Manager. That is what provides One Identity Manager an advantage over other tools where we have to customize things, whereas, in One Identity Manager, most of the things can be done out of the box. On top of that, if something needs to be customized, that can also be done in One Identity Manager. The inbuilt functions or features that One Identity Manager provides for identity management are very good.

I have been working on it for the last six years. It is very good from the user experience perspective.

Sometimes, when we implement One Identity in the organization, customization has to happen. You cannot skip the customization. You cannot just implement the One Identity model and go ahead with it. However, whenever we make any customizations, the logic of the customization can interfere with the existing logging of One Identity. All such things have to be a bit clear. They have to be well documented. One Identity should provide information about how these things work. This is the only thing. There are some gaps in that, but One Identity is trying to bridge those gaps.

I have been working with One Identity Manager since 2018. It has been around six years.

It is a very stable tool. There is about 80% stability.

It is scalable. I would rate it a ten out of ten in terms of scalability.

In my project, we have around 23 people using it.

We just take the normal support whenever we have any issues. For the premium support, you have to pay a lot.

The support from One Identity is very good. Whenever you reach out to them, they help you out. If you have a license, they have a technical support team. They also have a professional services team if you need any professional support. From the customer service perspective, they are pretty good. You can reach out to them anytime. That is a very flexible option they have.

In terms of documentation, they have everything. They have all the technical documentation and all the details. They also have a user forum where you can post your queries. It is a global forum where experts reply within an hour or two, which is very good. You can reach out to these experts, and they will help you out. The user experience is very good with One Identity.

Positive

In the current organization, we have had One Identity from the very beginning, but I have worked with other products. One Identity is far better than them. Pricing-wise, One Identity is more costly than others, but in terms of features, One Identity provides many features by default. It was not available in other tools. We have to do everything from scratch, whereas you do not have to do that in One Identity.

It is deployed on the cloud. If you want to install One Identity from the very beginning for the cloud application, it will hardly take three months. It can also be done before that. For a huge client, it takes time. For a small client, it can be implemented within two months.

It does require maintenance. From time to time, they have upgrades. They have long-term releases year after year, so it has to be updated. Sometimes, they do a cumulative update to fix many issues.

For upgrades, I am the only one, but when it comes to implementation, we have multiple teams. We have four to five members actively working, and then there are supporting resources.

It has saved us about 30% of the time.

It is fairly priced because they provide all the features by default. That is why they charge a bit more than other vendors. I am not sure about the exact cost part, but One Identity is a little bit more expensive than IBM and other tools.

I would definitely recommend implementing One Identity, but you have to understand how One Identity works and how it has been developed. You will be able to easily implement it then.

One Identity is a unified solution, and most of the features are inbuilt. Before you make any customizations, you need to understand how One Identity works. That is a critical bit. Normally, developers have a development mindset. They do not think from the framework perspective, but One Identity has been implemented from a framework perspective. They have designed this solution keeping in mind the needs of enterprises and how enterprises manage their accounts, employees, and applications. You should look at it from the framework perspective and not the customization perspective. However, even if you have to make any customization, it is very easy. You just have to learn .Net and MS SQL. If you understand how One Identity works, implementation and customization are very easy.

Overall, I would rate One Identity Manager an eight out of ten.