We performed a comparison between One Identity Active Roles and Saviynt based on real PeerSpot user reviews.
Find out what your peers are saying about SailPoint, One Identity, Omada and others in User Provisioning Software."It gives us attribute-level control and the AD management features work very well."
"Secure access is the most valuable feature."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"In comparison to native Active Directory tools, using Active Roles for delegation is so much better. It uses an access template and that makes it easy to see who can access what. In fact, you can do that for many objects as well."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"The feature that we use the most is the global, third-party user management."
"Saviynt has a lot of potential with many features available for users."
"The most valuable features of Saviynt are database utility and report generation. These two features have a major impact, particularly when you are trying to create a report because, in other systems, you need to use a third-party utility such as a BI tool or any other reporting tool to fetch the data and send out the report to a third party team. In Saviynt, it's a system within a system, so you don't have to use any third-party tool because you can directly do your query and write that code on Saviynt and then send that report to the team."
"It is a flexible tool because it works on JSON."
"Considering the initial cost and the basic features, this is a good solution that provides integration with both on-premise and cloud applications."
"The product has a great attestation feature."
"Saviynt risk-based access requests and intelligent access controls have made a significant impact on our company."
"It is very easy to use. It addresses most of the trends in identity governance and risk management."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
"The solution needs an attestation process that includes certification and recertification attestation."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"Most of the time it just works."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"The tool is difficult to migrate."
"The UI doesn’t enhance the user experience."
"The customer support and implementation services need to be improved."
"The custom application integration is a little complex, and this tool doesn't provide so many plugins or additional applications."
"The main difficulty was the integration process itself. But we were able to kind of work through it and fix it. We tried integrating with our HR system and other IBM solutions, like Microsoft Identity Management."
"It is time-consuming to troubleshoot issues."
"It should support more customizations. In SailPoint, we can do many customizations, but we are not able to do that in Saviynt. For workflows and other things, we can only use what is already in place. Saviynt has a lot of scope for improvement on the customization part."
"Saviynt cannot customize based on customer needs."
One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews while Saviynt is ranked 5th in Identity Management (IM) with 21 reviews. One Identity Active Roles is rated 8.6, while Saviynt is rated 7.4. The top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". On the other hand, the top reviewer of Saviynt writes "Used for IAM, IGA, MFA, SSO, and access management". One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager and Softerra Adaxes, whereas Saviynt is most compared with SailPoint IdentityIQ, Microsoft Entra ID, CyberArk Privileged Access Manager, Okta Workforce Identity and Microsoft Identity Manager.
We monitor all User Provisioning Software reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.