We performed a comparison between Okta Workforce Identity and One Identity Active Roles based on real PeerSpot user reviews.
Find out in this report how the two Identity and Access Management as a Service (IDaaS) (IAMaaS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Okta controls all the users. It has context-based access from the user and type of device. It identifies the risk and can do a step of authentication when that user is trying to access some sensitive application from an unknown device."
"One of the most beneficial features of the solution is the user provisioning and the de-provisioning feature."
"Its integration components are most valuable. It integrates with everything in some way. There are some products, such as O365 or AD, with which it completely and 100% integrates. So, you can seamlessly create accounts across the board with some of these products. For some of the products with which it doesn't completely integrate, you can do some kind of interfacing."
"They have good push authentications."
"Its simplicity and its integration with various vendor-agnostic platforms are the most valuable features."
"The tool helps improve our security and productivity."
"The initial setup of Okta Workforce Identity is straightforward. I was able to get an environment ready within half a day."
"The support for YubiKey is really good because you don't actually have to type in your username and password."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"Secure access is the most valuable feature."
"It gives us attribute-level control and the AD management features work very well."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"It is challenging to obtain a comprehensive backup."
"We have experienced some challenges in integrating this solution with Scope and Cognito."
"The only aspect in which it can be improved is that the interface could be cleaner. I found this even when I was trying to do my certification exam because the certification is hands-on. You find yourself fumbling around a little bit to find simple things. This happens even when you start to get familiar with the product."
"I would appreciate it if Okta Workforce Identity becomes more user-friendly. Its API technology is complicated. Certain applications may pose challenges in terms of integration, especially when they require IDP technologies that aren't easily codable. While I can't provide specific examples, some applications may not integrate with Okta Workforce Identity."
"The lifecycle management part can be improved. It should also have identity governance and the ability to choose a specific factor authentication at the application level. Its licensing and pricing can also be improved."
"The solution can be quite expensive."
"Okta Workforce Identity can improve by having more features in governance."
"They also have single sign-on (SSO). When we bought Okta Workforce Identity a year and a half ago, I was also looking at SSO, but not much documentation was available for SSO. The documentation for SSO should be a little more robust for somebody who is implementing it for the first time."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"The solution needs an attestation process that includes certification and recertification attestation."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"Most of the time it just works."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
Okta Workforce Identity is ranked 2nd in Identity and Access Management as a Service (IDaaS) (IAMaaS) with 59 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. Okta Workforce Identity is rated 8.4, while One Identity Active Roles is rated 8.6. The top reviewer of Okta Workforce Identity writes "Extremely easy to work with, simple to set up, and reasonably priced ". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". Okta Workforce Identity is most compared with Microsoft Entra ID, Google Cloud Identity, SailPoint Identity Security Cloud, Saviynt and Auth0, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint Identity Security Cloud, One Identity Manager and Quest Active Administrator. See our Okta Workforce Identity vs. One Identity Active Roles report.
We monitor all Identity and Access Management as a Service (IDaaS) (IAMaaS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.