We performed a comparison between Okta Workforce Identity and One Identity Active Roles based on real PeerSpot user reviews.
Find out in this report how the two Identity and Access Management as a Service (IDaaS) (IAMaaS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The ease of deployment, ease of use, and speed of delivery is what I like about Okta Workforce Identity. It is very easy to use. For a lot of software, you need to be trained extensively and have a very technical background. Okta Workforce Identity is quite simple. You can integrate any software into Okta. They've got a network of 7,000 applications that easily integrate into it."
"It's reliable and it does what it is advertised to do."
"Workforce Identity's best features include its user-friendliness and easy setup."
"Having a single sign-on to all our applications."
"Okta controls all the users. It has context-based access from the user and type of device. It identifies the risk and can do a step of authentication when that user is trying to access some sensitive application from an unknown device."
"We can automate the process of adding users to Okta if they are activated in Active Directory, or if they are added to the database of applications or Active Directory in the last couple of days."
"It has a wide range of MFA options. I prefer "Okta Verify" out of them all."
"Okta has introduced the Universal Directory. It has custom attribute capability and user permissions to read/write on their profiles or hide them. Profile sources and identity profile sourcing are two different components that I haven't seen in other products."
"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Secure access is the most valuable feature."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"Instead of deleting accounts, we like the deprovision option so that we can reverse any accidental deletions. It also gives a higher level of quality control in terms of enforcing any number of variables, such as making sure that an account has a description entered before the account can be created. We can backtrack and know the history of it that way."
"This user integration with the Okta integration network could be simplified."
"The ability or the options in the solution for changing the look and feel are not good enough because in our partner portal, essentially what they have is an ugly admin interface."
"The initial setup can be complex at first."
"They also have single sign-on (SSO). When we bought Okta Workforce Identity a year and a half ago, I was also looking at SSO, but not much documentation was available for SSO. The documentation for SSO should be a little more robust for somebody who is implementing it for the first time."
"Okta doesn't have a partial push. It pushes down the full profile schema for lifecycle management or provisioning."
"You can't hide the device when you're checking logs."
"SSO and MFA for improved end-user experience, and protection against password spray attacks, account password self-service."
"The lifecycle management part can be improved. It should also have identity governance and the ability to choose a specific factor authentication at the application level. Its licensing and pricing can also be improved."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"The solution needs an attestation process that includes certification and recertification attestation."
Okta Workforce Identity is ranked 2nd in Identity and Access Management as a Service (IDaaS) (IAMaaS) with 59 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. Okta Workforce Identity is rated 8.4, while One Identity Active Roles is rated 8.6. The top reviewer of Okta Workforce Identity writes "Extremely easy to work with, simple to set up, and reasonably priced ". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". Okta Workforce Identity is most compared with Microsoft Entra ID, Google Cloud Identity, SailPoint Identity Security Cloud, Saviynt and Auth0, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint Identity Security Cloud, One Identity Manager and Quest Active Administrator. See our Okta Workforce Identity vs. One Identity Active Roles report.
We monitor all Identity and Access Management as a Service (IDaaS) (IAMaaS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.