We performed a comparison between ForgeRock and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Identity Management (IM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The thing that I find most valuable is that Omada consists of building blocks, which means that you can configure almost anything you want without using custom code, making it pretty easy to do. It's possible to connect to multiple target systems and to create one role that consists of different permissions in the different target systems. So one role in Omada can make sure that you have an account in three different systems."
"We don't have to go in and do a lot of the work that we did before. It may have saved us somewhere in the range of 10 to 30 percent of the time we spent on provisioning access."
"Omada's onboarding features reflect our processes for onboarding new employees well. That is the primary reason we use this solution. We use role-based access control. I'm not sure how much it has improved our security posture, but it's made managing identities more convenient."
"The best feature in Omada Identity is that it enables us to implement standardized employee life cycle processes so that we don't have to create them ourselves. We can then use the standard workflows. The breadth and scope of the solution’s IGA features also fulfill our requirements."
"I appreciate all the support we receive from Omada."
"The benefits of Omada Identity include a holistic way of viewing access, the ability to give people access, and automation."
"The most valuable aspect of the product is that it is Microsoft-based and it supports all Microsoft technology."
"The support response time and the freedom from strange bugs and strange things happening in the software are valuable."
"Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users."
"ForgeRock is an extensive product with many functionalities and capabilities, much more than many other tools combined."
"ForgeRock has CIAM, which other products didn't have, and they have DevOps ready."
"I like the intelligent authentication feature."
"The solution integrates well and it is important for them to keep up with the current trends in the market quickly enough, and they have been doing a good job at it."
"ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations."
"The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users."
"The most valuable features are that it is easy to manage and it's stable."
"The single sign-on of the solution is the most valuable aspect."
"Active Directory itself is the best feature it has. It also gives us a single pane of glass for managing user access."
"It's a very intuitive platform. It's easy to create groups and add people."
"Just because I've been in the Azure space since it started out and in the Microsoft Cloud AD since the BPOS days in the early 2000s, and it's just a product that made life simpler for my clients to be able to integrate everything."
"Being able to easily authenticate yourself on the MSA app is valuable. It is easy to use. Rather than receiving a code in an SMS, you can just verify that it is you. You don't have to punch in any password or any six-digit code. That's the feature that I like the most."
"The best feature is the single sign-on provision for the various type of users."
"It has been very instrumental towards a lot of services we run, especially on the single sign-on side. For example, we have 160 countries that all run their own IT but we still are able to provide users with a single sign-on experience towards global applications. So, they have a certain set of accounts that they get from their local IT department, then they use exactly the same account and credentials to sign into global services. For the user, it has been quite instrumental in that space. It is about efficiency, but also about users not having to remember multiple accounts and passwords since it is all single sign-on. Therefore, the single sign-on experience for us has been the most instrumental for the end user experience."
"It has things like conditional access. For example, if someone is accessing sensitive information, then we could force them to do multi-factor authentication. Therefore, we can stop access if it is coming from a location that we did not expect."
"It is not possible to customize reports on Omada Identity."
"If I had to name one thing, it would be the user interface (UI)."
"One thing that we are not so happy about is the user interface. It is a bit dated. I know that they are working on that, but the user interface is quite dated. Currently, it is a little bit difficult to customize the user interface to the need of the business, which is a little bit disappointing. It needs it to be a little bit easier to operate, and it should have a better user interface."
"When you do a recalculation of an identity, it's hard to understand what was incorrect before you started the recalculation, and which values are actually updated... all you see are all the new fields that are provisioned, instead of seeing only the fields that are changed."
"Improved traceability would be helpful for administrators. For example, let's say a user's permission is being revoked. We can only see the system that has carried out a particular action but not what triggered it. If an event definition or something has changed in the criteria for the permission being removed or something like that, we don't have immediate access to that information. It takes a little detective work."
"If you're running Omada on a cloud service, you may have some issues deploying the newest release. Sometimes, the latest release doesn't adapt to the processes we have already installed. Identity Access Management is a critical system for our organization, and we need to ensure that everyone has the same access as they did before the release."
"We are trying to use Omada's standards and to adapt our processes. But we have had some trouble with the bad documentation. This is something that they could improve on. It has not been possible for us to analyze some of the problems so far, based on the documentation. We always need consultants. The documentation should include some implementation hints and some guidelines for implementing the processes."
"The user interface could be improved. The interface between Omada and the user is mainly text-based."
"The user interface could be improved as it is cumbersome and outdated. It doesn't have a responsive UI."
"We would like this solution to be developed for use with mobile applications."
"I think the upgrade process is sometimes a little complicated and there are failures that occur."
"The identity management model needs a bit of improvement."
"We raised tickets asking for improvements, but sometimes we don't get the proper solution. They are responding, but the ticket is open for weeks and weeks. For some issues, we don't get a satisfactory solution or the solution doesn't work."
"The solution's documentation is not very good, and they do not give more details."
"The product's support services in the French language are not free."
"They should improve the solution by include reporting."
"The support could be better. Lately, they sort of dropped off a bit in terms of quality."
"The scalability of the solution is good."
"It would be awesome to have a feature where you can see the permissions of a user in all their Azure subscriptions. Right now, you have to select a user, then you have to select the subscription to see which permissions the user has in their selected subscriptions. Sometimes, you just want to know, "Does that user have any permissions in any subscriptions?" That would be awesome if that would be available via the portal."
"Microsoft should work on enhancing its machine-learning algorithm to prevent unnecessary lockouts of users."
"Microsoft Entra ID's impact on access and identity management is relatively limited."
"The cost of licensing always has room for improvement."
"The product needs to be more user-friendly."
"In a hybrid deployment, when we update a license by changing the UPN or email address of a user, it does not get updated automatically during normal sync. This means that we have to update it manually from Azure, which is something that needs to be corrected."
ForgeRock is ranked 6th in Identity Management (IM) with 27 reviews while Microsoft Entra ID is ranked 1st in Identity Management (IM) with 190 reviews. ForgeRock is rated 8.0, while Microsoft Entra ID is rated 8.6. The top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". On the other hand, the top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". ForgeRock is most compared with SailPoint IdentityIQ, PingID, Auth0, Symantec Siteminder and Saviynt, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Yubico YubiKey and Cisco Duo. See our ForgeRock vs. Microsoft Entra ID report.
See our list of best Identity Management (IM) vendors and best Access Management vendors.
We monitor all Identity Management (IM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.