One Identity Manager Reviews

I am a consultant who works on the backend of One Identity. When a client has a requirement, I add it to the back end. 

One Identity Manager simplifies procurement and licensing. Using business roles helps a lot. Provisioning enables users to make application governance decisions without involving IT personnel. It makes it easier by using account definitions and business roles. 

You can assign different AD groups and applications and enable them for specific users depending on their roles. This minimizes gaps in governance coverage among test, dev, and production servers and makes things easier. 

One Identity is a complete solution that has everything we need. We can use it to manage SAP. It connects SAP to employee identities under governance. This functionality is critical. One Identity Manager provides IGA for the more difficult-to-manage aspects of SAP, which is also crucial. The SAP-specialized workflows are easy to implement. 

One Identity provides a single platform for the administration and governance of users, data, and privileged accounts. It provides a complete overview of all these things. The user interface is intuitive and nice. It shows everything. Customizing the interface isn't hard. You can create custom fields. This is one of the most important things.

The documentation is poor. For example, the synchronization editor has a lot of things happening, but there's just a description. If you want to do something specific with that like create custom views, they just say go to the extension and select the UUID. However, if we don't have a UUID for this view, it will not work. That isn't in the documentation.

It extends governance to cloud applications and it's complete, but there needs to be more connectors for it. That's the only thing I don't like.

I have used One Identity Manager for a year and five months.

I rate One Identity's support eight out of 10. We use the standard support. They send you a link to the documentation or a forum where someone else had the same problem. However, sometimes the documentation isn't useful, so they need to escalate the user to the product leads. In those cases, it takes weeks to resolve. 

Positive

The initial deployment was easy and could be completed in one or two days if we only consider the installation and synchronization of target systems. However, it takes longer to set up the business roles and all that. 

I rate One Identity Manager nine out of 10. The only issue I have is the documentation. 

One Identity Manager is an identity governance and management tool. Our customers have defined policies based on their infrastructure but not an intelligent centralized system that handles all the application and user information. When a user requests access to an application, we're the first ones to get that info and perform corporate operations like onboarding and offboarding. We also provide the necessary access. 

We manage about 200,000 users. A bank is one of our biggest clients, so managing their systems is a little more complex. They have multiple streams, making it somewhat complicated. 

One Identity provides our customers with a holistic, centralized automation process. Security compliance is the primary thing. When we audit the report, we can track what applications they are using and ensure that everything they do is within the security system. We can prevent incidents, but if something does happen, we can block that user or that system from accessing other resources.

The solution minimizes governance gaps across environments. When you're working with a large corporation, you can easily find gaps in the security. For example, accounts may be outside of the security system, or the creation and onboarding may be delayed, causing challenges. We can automate the entire process with a centralized platform to ensure the work is done on time. 

Having a centralized system to maintain everything saves time and avoids confusion. It ensures that everything is under the scope, improving security compliance. As companies grow, they face more security challenges, and this solution helps to address them. 

One Identity improves customers' operations by increasing security and reducing costs. Everything will be in line, from onboarding to offboarding. In terms of user privileges and access, everything stays within the scope. Companies can secure their resources and make them available as needed. It's a completely automated process that happens daily. Companies can cut costs by automatically removing access to paid users on leave because we usually pay a per user cost for services. 

Privileged access is part of company policy, and we provide access based on that criteria. The hierarchy will differ depending on the application. A privileged user will have access to the bigger applications or they will have admin role access. One Identity gives us a centralized system to do that.

Let's say a company has infrastructure, development, and finance teams, each with a separate IT shop. From this information, we know that this person belongs to the finance department, so they will receive all the access for someone in finance based on company policy. However, sometimes, the financial department isn't allowed to use the technical systems. We consider the policy criteria the user meets. 

If somebody requires access to something else, they can request access to those applications. Once an application is aligned with One Identity, we will have the application information and know how many users are on boarded to that application, so we get updated information about the number of users with access and how many use it. We generate reports each month on which applications users access and how often. 

I like One Identity's reporting features and the single sign-in option. Users can skip multiple logins. It also gives us a centralized system that lets us know about a user's access. This is an automated process. If a user leaves the company, One Identity will ensure their application access will be removed after a certain date. When the user joins a company, it ensures all privileges are created and active by the start date.

Using an open-source integration platform, we can integrate any service provider with One Identity. I think the user experience has been positive. Customizing the solution for each company's requirements has been challenging and interesting. Some of these companies are massive and have significant requirements, and we need to ensure that everything is under the scope.  We are collaborating to test and incorporate other functionalities. Corporations might also have their own applications, so we should be aligned with those. 

One Identity could add more connectors for various services we integrate. We need to build and configure custom connectors for our clients with complicated environments and multiple data streams. 

I have used One Identity Manager for two years.

One Identity is stable, but I can't say there are no issues. It depends on the server load and everything. 

One Identity is scalable. 

I rate One Identity support seven out of 10. They respond immediately when we reach out, and you can also get answers through their user community. 

Before One Identity Manager, we used a solution by Dell. A lot of things are in the cloud, so we cloud-native Azure and AWS tools to cover those. 

I was not involved in the deployment. Regarding maintenance, we have multiple teams working with One Identity to maintain and monitor it. Around 40 to 50 are working on this tool.

I rate One Identity Manager 10 out of 10. Before implementing One Identity, you should review the company's policies and all of the systems within its scope. From there, you can decide what the best solution is. For example, if you have an Amazon cloud environment, you should probably go with the AWS solution. 

I have implemented One Identity Manager in banking for research access and education for onboarding diverse users, managing identity lifecycles, and automating processes like account activation and provisioning. It is crucial for securing and streamlining identity management in both sectors.

One Identity Manager has enabled us to implement an Identity-centric zero-trust model, enhancing our access management system. This has strengthened security by granting users precise and necessary access, contributing to a more robust and secure environment for our company.

The most valuable feature of One Identity Manager for me is its Designer tool. This tool allows me to write custom code and provides flexibility to customize and adapt the system to meet specific business objectives.

There is some room for improvement with One Identity Manager. The Metamodel is not developer-friendly, and the web designer customization could be simplified. The report editor tool needs an update as its underlying technology is outdated. Additionally, a stronger community portal for quicker support responses would be beneficial.

I have been working with One Identity Manager for eight years.

I would rate the stability of One Identity Manager as a ten out of ten.

One Identity Manager is suitable for handling up to around five million records, but scalability becomes a challenge with larger datasets, such as over seven million people.

The biggest value of having premium tech support with One Identity Manager is the quick and efficient resolution of issues. However, there have been instances where the support response time could be improved. Overall, I would rate the support as a seven out of ten.

Neutral

The initial setup of One Identity Manager was not overly complex, and the documentation could be more user-friendly with additional visuals. We took the help of a consultant during deployment, involving five people. Maintenance is handled in-house as it is an on-premise solution.

One Identity Manager is affordable.

I appreciate that One Identity Manager is a suite with separate tools for managing and governing users, data, and privileged accounts. I find it beneficial that they have organized functionalities into distinct tools rather than consolidating everything into a single screen.

The user interface of One Identity Manager is intuitive for script writing and configuration, offering flexibility and a clear view of user attributes. However, the web application tool for end-user requests and the reporting tool is less user-friendly, especially for the web designer, which can be complex and not developer-friendly.

I use One Identity Manager to extend governance to cloud apps. This is crucial as cloud migration is widespread, and it is important to seamlessly onboard users and ensure governance on these cloud applications, aligning with the industry trend towards cloud adoption.

Using One Identity Manager, specifically the Safeguard tool, has helped me establish a privileged governance stance to bridge the gaps between privileged users and standard users. It provides a distinct solution for managing both types of users effectively.

One Identity Manager assists in streamlining application access decisions, ensuring application compliance, and conducting thorough application auditing.

One Identity Manager has empowered application owners and line-of-business managers to take charge of application governance decisions independently. The platform provides user-friendly tools, reducing the dependency on the IT team for these processes.

My advice to others is that before purchasing One Identity Manager, assess if it fits your use cases, especially considering the size of your user base. Ensure you have a skilled IT team for maintenance. Engage with the One Identity Manager team, conduct a proof of concept, and validate its suitability for your needs. Overall, I would rate One Identity Manager as a nine out of ten.

I designed and implemented One Identity Manager for clients across various companies. This involved a wide range of use cases, including standard employee lifecycle processes like onboarding, transfers, offboarding, and location changes. I also implemented more sophisticated use cases, such as automatically creating Active Directory groups and service accounts based on user requests and approval workflows.

One Identity Manager's enterprise view for managing logically disconnected SAP accounts is good.

One Identity Manager acts as an Identity Governance and Administration solution specifically designed to address the complexities of SAP systems. This deep integration allows for advanced features like implementing Separation of Duties rules, ensuring a more secure and controlled SAP environment.

One Identity Manager delivers important SAP-specialized workflows and business logic.

One Identity Manager provides one platform for enterprise-level administration and governance of users, data, and privileged accounts.

One Identity Manager, while not boasting the absolute best user interface, offers an intuitive experience. Through its integration with SAP, it provides a comprehensive solution for managing the entire user permission lifecycle, including SAP roles and transactions. I was particularly impressed by its ability to seamlessly read details from the SAP system using a standard connector.

One Identity Manager simplifies backend customization by allowing us to implement custom processes, functions, scripts, and more. However, customizing the web portal, especially the new Angular web portal, is a more challenging task.

One Identity Manager offers a sophisticated model for the business roles to map company structures for dynamic application provisioning.

The functionality of the business role is important because if we build the right business structure, we can simplify the permission manager.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and prod servers.

One Identity Manager helps create a privileged governance stance to close the security gap between privileged and standard users. This has improved our security posture.

One Identity Manager helps streamline aspects of application governance which simplifies the reporting.

One Identity Manager enables application owners and line of business managers to make application governance decisions without IT. Being able to see what users have access to and make the decision regarding the request from one platform, saves us time.

One Identity Manager helps us achieve a zero-centric trust model. 

One Identity Manager stands out for its modular design, allowing us to easily customize it with specific components, and its flexibility to handle any identity and access management scenario we encounter.

One Identity Manager doesn't provide all the user interfaces we need for business users out-of-the-box. This means we need to customize the web portal to display all the information we want to make available to them.

The ROM control modeling has room for improvement.

The user experience can be more user-friendly.

How One Identity Manager deals with disconnected systems needs improvement.

I have been using One Identity Manager for over ten years.

I would rate the stability of One Identity Manager ten out of ten.

One Identity Manager's scalability is the best in the market. From a technical perspective, the number of identities and entitlements we can manage with the overall architecture is good.

The One Identity Manager support is good.

Positive

I previously used Oracle Identity Management and SailPoint IdentityIQ. I switched because I was interested in One Identity Manager which is more popular and trusted in our country.

The initial deployment is straightforward. While the initial software deployment itself can be completed in a day, a full rollout typically requires additional time for configuration, customization, and other necessary steps to tailor the software to our client's specific environment.

One Identity Manager is expensive.

I would rate One Identity Manager eight out of ten.

One Identity Manager requires one to two people for maintenance per project.

I recommend using a partner to evaluate and implement One Identity Manager.

One Identity is used to create, sync, and delete accounts automatically across multiple systems. The product allows employees to be managed from our Human Resources system, while consultants and temporary personnel can be managed manually. The system provides automated workflows and birthright assignments for easier management of similar accounts or those in the same department or role. 

With the system synchronized with our HR database, new account creations are automated and include an email to managers providing users with their credentials for initial login. Only the hiring manager will receive a copy of the initial username and password, helping further secure this information and have it readily available before the employee begins. 

The automation of employee creation and de-provision has streamlined the process in many areas. For employees, all actions begin in the HR department and flow downstream, keeping all systems synchronized with the same data.

Since the system is tied to our HR database, automation has allowed us to immediately terminate accounts based on employee status instead of waiting for notification from a manager.

Consultant accounts are also set on an automated schedule to send an email if an account isn't used within eight days. The account is also automatically disabled if not used in ten days. This provides additional security by not having accounts enabled but not in use.

Several employee data fields are synchronized to Active Directory, providing easy access to other applications (office, address, description, telephone, employee status, etc.). The update process is scheduled and automated to run multiple times a day, so Active Directory is always up to date with different employee data.

The One Identity birthright process has helped generate user accounts more accurately and quickly. Our Service Desk ticketing system is now used to complete user accounts and provide only what isn't common across their department or team. 

The One Identity system is very modular. The product is similar to an erector set, where you can do the same thing in many ways. While this is great, it also can allow you to set yourself up for failure later. The product does require some level of developer skills, so having the ability to make system changes without being a developer would be a plus. 

A tool called Analyzer is included to assist with birthright generation. The tool isn't very user-friendly. It would be helpful to have a tool to more easily find common groups across departments or teams so more groups could be managed in an automated fashion.

I've been using the solution for seven years.

The One Identity platform has been a stable system that provides consistent results. 

This product is extremely scalable. The more development knowledge you have, the more you can do with this tool.

Support has always been responsive and helpful.

Positive

We did use Hitachi IDM. The tool was a first-generation IDM tool and was very difficult to manage.

The initial installation was fairly complex as it is capable of integrating with so many different systems. There isn't an easy wizard to walk through and get you going.

Professional services were used for the initial implementation of the product. We found a different partner for ongoing work and support. Their knowledge of the product is excellent. 

One Identity, in partnership with our consultant partner, has allowed our company to streamline many processes and save employee time for other important tasks. 

I would advise finding and using a development partner for implementation unless you have a dedicated identity management team. Ensure your environment is licensed properly, as One Identity has an active Compliance department. 

No other products were found worthy of trial when surveying the market at the time.

I use One Identity Manager to implement an identity governance and administration solution for end users.

One Identity Manager is a highly adaptable platform capable of integrating both connected and disconnected target systems through connectors and APIs. Its extensive customization options allow it to accommodate a wide range of customer use cases. Additionally, the tool can be scaled to support a large user base and effectively handles role provisioning, joiners, movers, and leavers automation. With its rich feature set and out-of-the-box functionality, One Identity Manager is a powerful solution.

Previously, our user interface relied on a legacy web portal built with VB.NET technology, which suffered from slow loading times. However, One Identity has significantly enhanced the user experience by upgrading to Angular technology for the web portal. This transition has resulted in a much more interactive interface and greatly improved response times. The codebase is entirely based on Angular, which we can leverage to create custom components and enhance the web portal with a more interactive user experience.

We leverage business roles to assign default access permissions. New employees automatically receive specific role-based access upon joining the company. This process is facilitated through the implementation of business roles. We can easily accommodate diverse user types using these roles. For example, a new sales employee can be assigned a corresponding business role. We can create hundreds of business roles to match different departments. Additionally, we can schedule when these business roles are executed, allowing for system operation flexibility. However, it's important to note that frequent scheduling can significantly impact overall system performance and efficiency.

We have integrated EntraID with One Identity Manager for application onboarding. Since authentication can be provided through EntraID, extending governance to cloud applications is necessary. Therefore, all cloud-based applications that are not connected to on-premises systems require integration with EntraID. Failure to integrate will result in authentication errors and prevent user logins. Consequently, EntraID is mandatory for all cloud-deployed applications.

When we deploy the portal, most projects involve migrating from other IGA solutions to our new platform. Initially, users may take time to familiarize themselves with the portal's web interface, but its navigation is intuitive. We provide extensive documentation on accessing the portal, its features, and how to submit requests, along with customer support. While there may be a brief learning curve, the user-friendly design should minimize difficulties.

One Identity Manager helps bridge governance gaps between test, development, and production servers. Development is migrated to a test environment for testing before approval and subsequent migration to production. One Identity Manager is installed on all three environments, each with its own database to facilitate this. Changes are developed in the development environment, packaged, and moved to the test environment for testing. Approved changes are then migrated to production. Maintaining identical One Identity Manager versions across all three environments is crucial to ensure successful package migration, as packages from one version are incompatible with others.

One Identity Manager allows us to establish a privileged governance framework to bridge the security gap between privileged and standard users. Our system defines roles with specific permissions, enabling us to display additional information to users with privileged roles while restricting access to this information for standard users. Our defined roles and permissions make this granular control possible.

We have an approval workflow and policy to streamline application access decisions. Obtaining a specific role must undergo an approval process, and only designated individuals can grant permission. This workflow ensures that role assignments are controlled and efficient, preventing unauthorized access.

One Identity Manager offers a wide range of connectors, allowing it to interface with multiple target systems and perform provisioning and de-provisioning tasks within them. This extensive connector library, available out-of-the-box, is one of its most valuable features.

One Identity Manager is a comprehensive but complex solution. Even for developers, gaining a deep understanding and implementing customizations would require significant effort. It is a challenging product to both implement and comprehend.

The reporting and auditing functionalities within One Identity Manager could be enhanced, particularly in the reporting area, which would benefit from a wider range of pre-built reports.

I have been using One Identity Manager for three years.

Technical support is helpful whenever we need troubleshooting services. 

Positive

The complex deployment took approximately seven months and involved a team of business analysts, a technical architect, and developers. 

We implement One Identity Manager for our customers.

I would rate One Identity Manager eight out of ten.

We are a service provider, and we provide the license to our customers.

One Identity is an IGA tool for identity and access governance. One Identity has another product called Safeguard for privileged access management. Our organization is a startup, so we don't have any cloud applications in One Identity Manager. We manage the Active Directory, LDAP, JDBC applications, and CSV files.

Realizing One Identity Manager's benefits takes some time because many organizations don't know the tool. It has to be pushed to the market. For big organizations that require more control over their data, such as pharmaceuticals and defense, it will be very successful compared to market competitors.

I like how One Identity Manager is designed. We can control granular-level permissions. Compared to SailPoint and CyberArk, we can go granular in the access levels. We can control it at the table, column, and database levels. That's the power of One Identity. 

We can import business roles from a .csv or create them in the manager. It is easy to create as many roles as we want, and there is no limit to the resources we can assign to them.

One Identity's UI is fine once you get used to it, but it's a little harder to learn than its competitors. The font size is too small. You need bigger screens to host that application. The website and portal are fine, but the manager, designer, and other standalone applications used for management or configuration are too difficult to use. The UI should be easier to use, and they should reduce the number of standalone applications to three or four. 

Customization is somewhat difficult in One Identity Manager. The problem is they're using VB.NET, which no one uses. There are no resources because One Identity isn't available on YouTube or any coaching institutes. 

I also find it difficult to add resources to the business roles because we have to use many options in One Manager for that. We have to add it to the IT shop so that the users can submit requests through the web portal, and we must generate that IT shop structure to add resources to the business. There is a lot of complexity in that. 

I have used One Identity Manager for 16 months.

It's an efficient tool for the enterprise level. There is no limit to the number of users. We can go from a hundred users to hundreds of thousands. It is based on the implementation level. We can add many servers to support the extension, but there are fewer resources in India because One Identity isn't a popular tool relative to SailPoint. 

I've used SailPoint. Compared to SailPoint, using One Identity is difficult and complex. You have to use many standalone applications to manage the target systems and for configuration and design, like custom implementation. With SailPoint, we don't need to use too many tools. It's all in the same product. 

In One Identity, we need to use Launcher, Designer, and other tools, whereas SailPoint is completely web-based, and the UI changes based on permissions. But One Identity isn't like that. There are standard applications for administrative purposes, but the end users have a web interface where they log in and request access. SailPoint has a single web platform for administrators, developers, and users. 

One Identity Manager is mostly difficult to set up. I cannot say that it is easy to learn. It takes time to habituate to it and memorize where the options are. There are many options in a single tool. At the enterprise level, it takes between six to nine months to deploy, but it depends on the organization's size. Our organization has between 10,000 and 15,000 users, so we could complete the installation in six months.

For maintenance, we have to take care of the database. We must back that up and ensure there are connections between the database, One Identity Manager, and target systems. There is not much maintenance involved in One Identity Manager.

I rate One Identity Manager eight out of 10. 

One Identity Manager can handle all identity use cases.

It's easy to integrate SAP with One Identity. SAP has different modules, and you can manage users through the One Identity interface. Integrating through a stream connector is simple. 

It's role-based access control, and you can manage it. It's perfect for our customer's governance control. One of my customers is using One Identity's PAM solution. It is a separate component and licensing model.

One Identity should open the market with accessible training material and content so that more developers can be available. They have to improve their marketing strategy, partners, and vendors. One Identity should be attracting engineers to learn their product and get certified. They should have strong forums. They could have a certification program where any engineer can get certified. However, their overall approach is complex, which I do not prefer.

The platform isn't very intuitive like the others, but One Identity Manager has migrated their review scripting to the Angular framework, so now it's good, and they're competing with others from the UI perspective.

One Identity Manager is a little complex from a development perspective. If you compare it to SailPoint, it is easy, but One Identity Manager has so many separate components that it is quite complex for development. And sometimes, we have seen some performance issues.

I have used One Identity Manager for more than 10 years. 

I rate One Identity Manager eight out of 10 for stability. 

One Identity is scalable.

One Identity must improve its support because they have a very limited pool of engineers, and they're often occupied. 

I have used SailPoint.

I rate One Identity seven out of 10 for affordability. It's reasonably priced. 

I rate One Identity Manager eight out of 10. It's more suitable for the enterprise level. I wouldn't recommend it for small or medium-sized enterprises.