One Identity Manager Reviews

We use One Identity Manager for access control and identity management. It is the central repository for all our organization's users. It has all the access control points, role-based access control, security policies, single sign-on, password management, and privilege access management for all the stuff we did.

It's pulling the public Azure access, so we can identify who has the right level of access. And we have the SODs, the artifacts, and the scoring server. It helps us identify customers with that public access and whether it should be removed or managed by the owners.

It helps automate provisioning and launching application accounts. It will also investigate compliance issues. We already have some custom reports, and Identity Manager's built-in reports are quite helpful.

The solution empowers application owners or business managers to make application governance decisions by themselves without IT help. It has a lot of features that allow you to configure that.

One Identity Manager is more scalable and customizable than other products I have worked on, and user customization isn't as complicated. Defender, One Identity's PAM solution, is useful for rotating passwords in the developer's evolving facilities. 

Customizing the UI and backend is easy if you understand the framework. It may take some time to learn, but it's not too difficult once you have it down. Business roles are a handy tool from One Identity that we can map multiple accesses in a single bundle and provide it to the users. You can also provide birthright access to this, so they don't need to request it once onboarded. We can assign them access based on a particular department or a job role.

The out-of-scope connection for the cloud data applications could be better. We have to contact the data on the connection center if it's coming out of the process.

The UI may need some improvement, but it's still great. GraphQL Cloud isn't quite visible yet to the end users, and they said there are some issues there because we have lots of users on board, so it takes time to reflect when the approval is going through and who they should contact to get it approved. The smoothness in that UI performance could be better.

I have used One Identity Manager for four years.

I rate One Identity support eight out of 10. We customized the system a lot when we were using a system. We had dedicated support from the vendor on the data side. They were for within the SLA time.

Positive

I rate One Identity Manager nine out of 10. 

We utilize One Identity Manager for user identity access management and troubleshooting, all founded upon dynamic roles.

I appreciate One Identity Manager as a comprehensive platform for enterprise-level administration. Its centralized approach to identity management eliminates the need to search for or connect to multiple products simultaneously, allowing for efficient and streamlined management of various aspects of identity administration. For instance, while products like Active Roles within One Identity can manage roles, I believe One Identity Manager provides a more cohesive and integrated solution, offering a central hub for all identity-related tasks.

The One Identity Manager is generally intuitive for most users, allowing quick access to all features.

The benefits are almost immediate. Everything we see in the program, the interface, and other tools happens online. With One Identity Manager, we can monitor and manage everything almost instantly in near real-time.

It streamlines application access decisions and application compliance.

One Identity Manager has streamlined our application auditing process. It is an invaluable tool, particularly during implementations or complex projects. Its visual interface and quick user search functionality are indispensable when dealing with real-world scenarios. Although we sometimes utilize other One Identity tools, Manager remains our go-to for the most detailed information. The Manager instantly reflects on any changes, ensuring up-to-date and accurate data.

It empowers application owners and line-of-business managers to make informed governance decisions without IT involvement. As a former identity access management consultant, I found this tool invaluable for helping clients centralize and streamline the management of their applications.

One Identity Manager assists in implementing an identity-centric zero-trust model. This approach, which emphasizes the importance of identity verification, was a cornerstone of my DevOps team's security practices. Zero-trust is crucial because it prevents unauthorized access, even when changes to the application are visible. In such scenarios, trusting no one is essential, as any individual, including threat analysts, system administrators, or consultants, could make modifications. An identity-centric zero-trust model empowers employers to monitor all changes their employees make, ensuring precise accountability.

I greatly appreciate the initial approach provided by One Identity Manager. It's beneficial because we can easily view nearly all the information about our users without extensive searching. Access to users and groups is rapid. For instance, if a user has standard connections, such as Active Directory, LDAP, or SAP integrations, we can readily access information based on their identity. This is a fantastic feature.

The user interface design could be improved, especially during checkout and navigation. The web portal, for instance, can be confusing at times, with buttons and steps not always clearly defined. This can hinder efficient task completion. The portal should include quick guides to assist users, as the descriptions can sometimes be challenging to understand.

I used several cases to ensure consistent governance across test, development, and production servers. While this approach is common with transports and other tools, it's less familiar in One Identity Manager. I found the One Identity Designer more suitable for this task. Therefore, One Identity Manager is not optimal for achieving this goal.

I have been using One Identity Manager for almost seven months.

We experienced stability problems due to One Identity's version updates, which often need more detailed information about changes on their portal. This has forced us to roll back versions multiple times, resulting in service disruptions that lasted up to five hours.

One of the most important aspects of One Identity Manager is its scalability, allowing us to efficiently manage all of our applications in a centralized location.

I have used SailPoint and ForgeRock by Ping Identity. While SailPoint is similar to One Identity Manager, it offers a better approach to both the front and back end. Its overall design is notably more effective.

The initial deployment of One Identity Manager was challenging due to the tight three-day deadline imposed by my company. To ensure a successful implementation, I needed a solid foundational understanding of the system, which proved complex given the intricate schemas involved. These schemas, underlying the One Identity interface, connect to massive tables, making the SQL approach behind them more reliant on a traditional schema structure. One Identity's proprietary schema, however, presents a significant learning curve. Without adequate mentorship or guidance, navigating this complexity could be daunting. A thorough understanding of how the various tables interact and the overall workflow requires at least a month of hands-on experience with the tool.

One person is enough to complete the deployment.

I would rate One Identity Manager eight out of ten. The solution is good but needs more documentation and better descriptive errors.

The One Identity Manager is a good starting point for beginners to customize, but the One Identity Designer offers more flexibility for creating complex automation. While the Manager is simplified and easier to understand, the Designer allows for greater customization. The Manager is sufficient for basic task customization, but for more advanced automation, the Designer is essential.

I am a consultant who works on the backend of One Identity. When a client has a requirement, I add it to the back end. 

One Identity Manager simplifies procurement and licensing. Using business roles helps a lot. Provisioning enables users to make application governance decisions without involving IT personnel. It makes it easier by using account definitions and business roles. 

You can assign different AD groups and applications and enable them for specific users depending on their roles. This minimizes gaps in governance coverage among test, dev, and production servers and makes things easier. 

One Identity is a complete solution that has everything we need. We can use it to manage SAP. It connects SAP to employee identities under governance. This functionality is critical. One Identity Manager provides IGA for the more difficult-to-manage aspects of SAP, which is also crucial. The SAP-specialized workflows are easy to implement. 

One Identity provides a single platform for the administration and governance of users, data, and privileged accounts. It provides a complete overview of all these things. The user interface is intuitive and nice. It shows everything. Customizing the interface isn't hard. You can create custom fields. This is one of the most important things.

The documentation is poor. For example, the synchronization editor has a lot of things happening, but there's just a description. If you want to do something specific with that like create custom views, they just say go to the extension and select the UUID. However, if we don't have a UUID for this view, it will not work. That isn't in the documentation.

It extends governance to cloud applications and it's complete, but there needs to be more connectors for it. That's the only thing I don't like.

I have used One Identity Manager for a year and five months.

I rate One Identity's support eight out of 10. We use the standard support. They send you a link to the documentation or a forum where someone else had the same problem. However, sometimes the documentation isn't useful, so they need to escalate the user to the product leads. In those cases, it takes weeks to resolve. 

Positive

The initial deployment was easy and could be completed in one or two days if we only consider the installation and synchronization of target systems. However, it takes longer to set up the business roles and all that. 

I rate One Identity Manager nine out of 10. The only issue I have is the documentation. 

One Identity Manager is an identity governance and management tool. Our customers have defined policies based on their infrastructure but not an intelligent centralized system that handles all the application and user information. When a user requests access to an application, we're the first ones to get that info and perform corporate operations like onboarding and offboarding. We also provide the necessary access. 

We manage about 200,000 users. A bank is one of our biggest clients, so managing their systems is a little more complex. They have multiple streams, making it somewhat complicated. 

One Identity provides our customers with a holistic, centralized automation process. Security compliance is the primary thing. When we audit the report, we can track what applications they are using and ensure that everything they do is within the security system. We can prevent incidents, but if something does happen, we can block that user or that system from accessing other resources.

The solution minimizes governance gaps across environments. When you're working with a large corporation, you can easily find gaps in the security. For example, accounts may be outside of the security system, or the creation and onboarding may be delayed, causing challenges. We can automate the entire process with a centralized platform to ensure the work is done on time. 

Having a centralized system to maintain everything saves time and avoids confusion. It ensures that everything is under the scope, improving security compliance. As companies grow, they face more security challenges, and this solution helps to address them. 

One Identity improves customers' operations by increasing security and reducing costs. Everything will be in line, from onboarding to offboarding. In terms of user privileges and access, everything stays within the scope. Companies can secure their resources and make them available as needed. It's a completely automated process that happens daily. Companies can cut costs by automatically removing access to paid users on leave because we usually pay a per user cost for services. 

Privileged access is part of company policy, and we provide access based on that criteria. The hierarchy will differ depending on the application. A privileged user will have access to the bigger applications or they will have admin role access. One Identity gives us a centralized system to do that.

Let's say a company has infrastructure, development, and finance teams, each with a separate IT shop. From this information, we know that this person belongs to the finance department, so they will receive all the access for someone in finance based on company policy. However, sometimes, the financial department isn't allowed to use the technical systems. We consider the policy criteria the user meets. 

If somebody requires access to something else, they can request access to those applications. Once an application is aligned with One Identity, we will have the application information and know how many users are on boarded to that application, so we get updated information about the number of users with access and how many use it. We generate reports each month on which applications users access and how often. 

I like One Identity's reporting features and the single sign-in option. Users can skip multiple logins. It also gives us a centralized system that lets us know about a user's access. This is an automated process. If a user leaves the company, One Identity will ensure their application access will be removed after a certain date. When the user joins a company, it ensures all privileges are created and active by the start date.

Using an open-source integration platform, we can integrate any service provider with One Identity. I think the user experience has been positive. Customizing the solution for each company's requirements has been challenging and interesting. Some of these companies are massive and have significant requirements, and we need to ensure that everything is under the scope.  We are collaborating to test and incorporate other functionalities. Corporations might also have their own applications, so we should be aligned with those. 

One Identity could add more connectors for various services we integrate. We need to build and configure custom connectors for our clients with complicated environments and multiple data streams. 

I have used One Identity Manager for two years.

One Identity is stable, but I can't say there are no issues. It depends on the server load and everything. 

One Identity is scalable. 

I rate One Identity support seven out of 10. They respond immediately when we reach out, and you can also get answers through their user community. 

Before One Identity Manager, we used a solution by Dell. A lot of things are in the cloud, so we cloud-native Azure and AWS tools to cover those. 

I was not involved in the deployment. Regarding maintenance, we have multiple teams working with One Identity to maintain and monitor it. Around 40 to 50 are working on this tool.

I rate One Identity Manager 10 out of 10. Before implementing One Identity, you should review the company's policies and all of the systems within its scope. From there, you can decide what the best solution is. For example, if you have an Amazon cloud environment, you should probably go with the AWS solution. 

We use One Identity Manager for identity governance.

One Identity Manager provides a single platform for enterprise-level administration and governance of user data and privileged accounts.

One Identity Manager provides a good user experience and intuitiveness.

After the training, basic configuration and customization are quite easy to do. For complex customization, we need to consult a consultant.

The business role's functionality is not that important at this time, but it will become more important as we grow using the application.

One Identity Manager makes provisioning easier, and it's a modern solution.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers. This has made the process more automated.

We have started the process of closing the gap between privileged and standard users. As we progress along our roadmap, we will see the gap shrinking.

It helps streamline application access decisions.

One Identity Manager helps with application compliance and application auditing.

One Identity Manager has helped us to achieve an identity-centric zero-trust model. This automates tasks and reduces manual steps, which leads to fewer errors.

I like the customer-facing portal because it is simple to use for end users. Some of the features are also easy to configure.

The customization process should be simplified.

I have been using One Identity Manager for four months.

The SaaS version has stability issues.

One Identity Manager is scalable.

The technical support team's response time needs to be improved.

Neutral

We previously used the legacy Sun Identity Management application, which was no longer supported. Therefore, we decided to switch to One Identity Manager.

The initial deployment was complex, primarily due to business needs, rather than One Identity Manager.

Configuring and testing took months, and we had a team of 20 people involved in the deployment.

We partnered with iC Consult.

iC Consult helped us implement and customize One Identity Manager.

iC Consult trained our staff. 

We are satisfied with their performance.

Our One Identity partner also helped with post-implementation support. We could not have deployed the solution without them.

One Identity Manager is fairly priced.

I would rate One Identity Manager seven out of ten.

We have it deployed globally. Currently, we have 100 people using the solution but it will eventually be used by 6,000 people.

The maintenance is completed by One Identity.

I recommend doing a proof of concept before implementing One Identity Manager.

I designed and implemented One Identity Manager for clients across various companies. This involved a wide range of use cases, including standard employee lifecycle processes like onboarding, transfers, offboarding, and location changes. I also implemented more sophisticated use cases, such as automatically creating Active Directory groups and service accounts based on user requests and approval workflows.

One Identity Manager's enterprise view for managing logically disconnected SAP accounts is good.

One Identity Manager acts as an Identity Governance and Administration solution specifically designed to address the complexities of SAP systems. This deep integration allows for advanced features like implementing Separation of Duties rules, ensuring a more secure and controlled SAP environment.

One Identity Manager delivers important SAP-specialized workflows and business logic.

One Identity Manager provides one platform for enterprise-level administration and governance of users, data, and privileged accounts.

One Identity Manager, while not boasting the absolute best user interface, offers an intuitive experience. Through its integration with SAP, it provides a comprehensive solution for managing the entire user permission lifecycle, including SAP roles and transactions. I was particularly impressed by its ability to seamlessly read details from the SAP system using a standard connector.

One Identity Manager simplifies backend customization by allowing us to implement custom processes, functions, scripts, and more. However, customizing the web portal, especially the new Angular web portal, is a more challenging task.

One Identity Manager offers a sophisticated model for the business roles to map company structures for dynamic application provisioning.

The functionality of the business role is important because if we build the right business structure, we can simplify the permission manager.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and prod servers.

One Identity Manager helps create a privileged governance stance to close the security gap between privileged and standard users. This has improved our security posture.

One Identity Manager helps streamline aspects of application governance which simplifies the reporting.

One Identity Manager enables application owners and line of business managers to make application governance decisions without IT. Being able to see what users have access to and make the decision regarding the request from one platform, saves us time.

One Identity Manager helps us achieve a zero-centric trust model. 

One Identity Manager stands out for its modular design, allowing us to easily customize it with specific components, and its flexibility to handle any identity and access management scenario we encounter.

One Identity Manager doesn't provide all the user interfaces we need for business users out-of-the-box. This means we need to customize the web portal to display all the information we want to make available to them.

The ROM control modeling has room for improvement.

The user experience can be more user-friendly.

How One Identity Manager deals with disconnected systems needs improvement.

I have been using One Identity Manager for over ten years.

I would rate the stability of One Identity Manager ten out of ten.

One Identity Manager's scalability is the best in the market. From a technical perspective, the number of identities and entitlements we can manage with the overall architecture is good.

The One Identity Manager support is good.

Positive

I previously used Oracle Identity Management and SailPoint IdentityIQ. I switched because I was interested in One Identity Manager which is more popular and trusted in our country.

The initial deployment is straightforward. While the initial software deployment itself can be completed in a day, a full rollout typically requires additional time for configuration, customization, and other necessary steps to tailor the software to our client's specific environment.

One Identity Manager is expensive.

I would rate One Identity Manager eight out of ten.

One Identity Manager requires one to two people for maintenance per project.

I recommend using a partner to evaluate and implement One Identity Manager.

One Identity is used to create, sync, and delete accounts automatically across multiple systems. The product allows employees to be managed from our Human Resources system, while consultants and temporary personnel can be managed manually. The system provides automated workflows and birthright assignments for easier management of similar accounts or those in the same department or role. 

With the system synchronized with our HR database, new account creations are automated and include an email to managers providing users with their credentials for initial login. Only the hiring manager will receive a copy of the initial username and password, helping further secure this information and have it readily available before the employee begins. 

The automation of employee creation and de-provision has streamlined the process in many areas. For employees, all actions begin in the HR department and flow downstream, keeping all systems synchronized with the same data.

Since the system is tied to our HR database, automation has allowed us to immediately terminate accounts based on employee status instead of waiting for notification from a manager.

Consultant accounts are also set on an automated schedule to send an email if an account isn't used within eight days. The account is also automatically disabled if not used in ten days. This provides additional security by not having accounts enabled but not in use.

Several employee data fields are synchronized to Active Directory, providing easy access to other applications (office, address, description, telephone, employee status, etc.). The update process is scheduled and automated to run multiple times a day, so Active Directory is always up to date with different employee data.

The One Identity birthright process has helped generate user accounts more accurately and quickly. Our Service Desk ticketing system is now used to complete user accounts and provide only what isn't common across their department or team. 

The One Identity system is very modular. The product is similar to an erector set, where you can do the same thing in many ways. While this is great, it also can allow you to set yourself up for failure later. The product does require some level of developer skills, so having the ability to make system changes without being a developer would be a plus. 

A tool called Analyzer is included to assist with birthright generation. The tool isn't very user-friendly. It would be helpful to have a tool to more easily find common groups across departments or teams so more groups could be managed in an automated fashion.

I've been using the solution for seven years.

The One Identity platform has been a stable system that provides consistent results. 

This product is extremely scalable. The more development knowledge you have, the more you can do with this tool.

Support has always been responsive and helpful.

Positive

We did use Hitachi IDM. The tool was a first-generation IDM tool and was very difficult to manage.

The initial installation was fairly complex as it is capable of integrating with so many different systems. There isn't an easy wizard to walk through and get you going.

Professional services were used for the initial implementation of the product. We found a different partner for ongoing work and support. Their knowledge of the product is excellent. 

One Identity, in partnership with our consultant partner, has allowed our company to streamline many processes and save employee time for other important tasks. 

I would advise finding and using a development partner for implementation unless you have a dedicated identity management team. Ensure your environment is licensed properly, as One Identity has an active Compliance department. 

No other products were found worthy of trial when surveying the market at the time.

I use One Identity Manager to implement an identity governance and administration solution for end users.

One Identity Manager is a highly adaptable platform capable of integrating both connected and disconnected target systems through connectors and APIs. Its extensive customization options allow it to accommodate a wide range of customer use cases. Additionally, the tool can be scaled to support a large user base and effectively handles role provisioning, joiners, movers, and leavers automation. With its rich feature set and out-of-the-box functionality, One Identity Manager is a powerful solution.

Previously, our user interface relied on a legacy web portal built with VB.NET technology, which suffered from slow loading times. However, One Identity has significantly enhanced the user experience by upgrading to Angular technology for the web portal. This transition has resulted in a much more interactive interface and greatly improved response times. The codebase is entirely based on Angular, which we can leverage to create custom components and enhance the web portal with a more interactive user experience.

We leverage business roles to assign default access permissions. New employees automatically receive specific role-based access upon joining the company. This process is facilitated through the implementation of business roles. We can easily accommodate diverse user types using these roles. For example, a new sales employee can be assigned a corresponding business role. We can create hundreds of business roles to match different departments. Additionally, we can schedule when these business roles are executed, allowing for system operation flexibility. However, it's important to note that frequent scheduling can significantly impact overall system performance and efficiency.

We have integrated EntraID with One Identity Manager for application onboarding. Since authentication can be provided through EntraID, extending governance to cloud applications is necessary. Therefore, all cloud-based applications that are not connected to on-premises systems require integration with EntraID. Failure to integrate will result in authentication errors and prevent user logins. Consequently, EntraID is mandatory for all cloud-deployed applications.

When we deploy the portal, most projects involve migrating from other IGA solutions to our new platform. Initially, users may take time to familiarize themselves with the portal's web interface, but its navigation is intuitive. We provide extensive documentation on accessing the portal, its features, and how to submit requests, along with customer support. While there may be a brief learning curve, the user-friendly design should minimize difficulties.

One Identity Manager helps bridge governance gaps between test, development, and production servers. Development is migrated to a test environment for testing before approval and subsequent migration to production. One Identity Manager is installed on all three environments, each with its own database to facilitate this. Changes are developed in the development environment, packaged, and moved to the test environment for testing. Approved changes are then migrated to production. Maintaining identical One Identity Manager versions across all three environments is crucial to ensure successful package migration, as packages from one version are incompatible with others.

One Identity Manager allows us to establish a privileged governance framework to bridge the security gap between privileged and standard users. Our system defines roles with specific permissions, enabling us to display additional information to users with privileged roles while restricting access to this information for standard users. Our defined roles and permissions make this granular control possible.

We have an approval workflow and policy to streamline application access decisions. Obtaining a specific role must undergo an approval process, and only designated individuals can grant permission. This workflow ensures that role assignments are controlled and efficient, preventing unauthorized access.

One Identity Manager offers a wide range of connectors, allowing it to interface with multiple target systems and perform provisioning and de-provisioning tasks within them. This extensive connector library, available out-of-the-box, is one of its most valuable features.

One Identity Manager is a comprehensive but complex solution. Even for developers, gaining a deep understanding and implementing customizations would require significant effort. It is a challenging product to both implement and comprehend.

The reporting and auditing functionalities within One Identity Manager could be enhanced, particularly in the reporting area, which would benefit from a wider range of pre-built reports.

I have been using One Identity Manager for three years.

Technical support is helpful whenever we need troubleshooting services. 

Positive

The complex deployment took approximately seven months and involved a team of business analysts, a technical architect, and developers. 

We implement One Identity Manager for our customers.

I would rate One Identity Manager eight out of ten.

We are a service provider, and we provide the license to our customers.