We performed a comparison between ForgeRock and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Identity Management (IM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has a very user-friendly interface compared to what we are used to, and it is highly configurable. In the old solution, when we needed to do something, we had to have a programmer sitting next to us, whereas, in Omada Identity, everything is configurable."
"We used to have a problem where an employee's access wasn't terminated when they left the company. Now, we have much better visibility into and control over who has access."
"The teams we work with at Omada provide great insights and support. Overall, it has been a pleasure working with them. That's the part we value the most."
"The most valuable aspects of Omada Identity for me are the automation capabilities."
"As an administrator, we benefit from a lot of functionality that is available out of the box, but it is also configurable to meet our specific needs."
"The administrative features and SoD are valuable."
"I appreciate all the support we receive from Omada."
"The most valuable functionality of the solution for us is that when employees stop working for the municipality, they are automatically disabled in Active Directory. Omada controls that 100 percent. They are disabled for 30 days, and after that time Omada deletes the Active Directory account. The same type of thing happens when we employ a new person. Their information is automatically imported to Omada and they are equipped with the roles and rights so they can do their jobs."
"We create and define the permissions and configurations for the users."
"We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks."
"ForgeRock has CIAM, which other products didn't have, and they have DevOps ready."
"ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations."
"The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users."
"I like the way it is handling authentication and authorization."
"The most valuable features of ForgeRock are social login and data protection."
"Easy to navigate, handle and manage the applications."
"What I like about Microsoft Authenticator is that it has good features. I also like that the tool is straightforward to use. Microsoft Authenticator also has a good UI that's very simple to use. I also like that I didn't find any limitations or negative aspects from the features of the tool because Microsoft Authenticator is not an extensive application. It has a two-factor based authentication which validates the user through the password, then it approves authentication."
"The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD."
"It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication."
"It is great for mom-and-pop shops or small businesses that are truly coming into the enterprise ecosystem and that have not come from a legacy environment."
"I like the way it communicates to the cloud."
"The solution adds an extra layer of security."
"Application integration is easy. MFA and password self-service have reduced most of the supportive work of IT. We use multi-factor authentication. Every access from a user is through multi-factor authentication. There is no legacy authentication. We have blocked legacy authentication methods. For people who use the MDM on mobile, we push our application through Intune. In a hybrid environment, users can work from anywhere. With Intune, we can push policies and secure the data."
"With Azure Active Directory we were able to manage with different options the access for different users."
"We are still on Omada on-prem, but I understand that when Omada is in the cloud, you cannot send an attachment via email. We have some emails with attachments for new employees because we have to explain to them how to register and do their multi-factor authentication. All that information is in the attachment. People have to do that before they are in our system. We cannot give them a link to our Intranet and SharePoint because they do not yet have access. They have to register before that, so I need to send the attachments, but this functionality is not there in the cloud."
"What I would most like to see added to the product is role management, especially enterprise or business role management, and the processes around that."
"Omada's performance could be better because we had some latency issues. Still, it's difficult to say how much of that is due to Omada versus the resources used by our other vendors in our on-prem environment. Considering the resources we have invested into making it run well, it's slightly slower than we would expect."
"If I had to name one thing, it would be the user interface (UI)."
"The comprehensiveness of Omada's out-of-the-box connectors for the applications we use could be better. We are getting a new HR system called Cornerstone for which they do not have an out-of-the-box connector, so we have to take the REST connector and play around with it."
"When you do a recalculation of an identity, it's hard to understand what was incorrect before you started the recalculation, and which values are actually updated... all you see are all the new fields that are provisioned, instead of seeing only the fields that are changed."
"We are trying to use Omada's standards and to adapt our processes. But we have had some trouble with the bad documentation. This is something that they could improve on. It has not been possible for us to analyze some of the problems so far, based on the documentation. We always need consultants. The documentation should include some implementation hints and some guidelines for implementing the processes."
"Omada Identity has two main issues that need to be solved or improved the most. One is its setup or installation process because it's complex and cumbersome. I'm talking about the process for on-premises deployment because I've never tried the cloud version of Omada Identity. Setting up the cloud version should be much easier. The second area for improvement in Omada Identity is that it's piggybacking on Microsoft's complex way of having all kinds of add-ons, extensions, or setups, whether small or large, such as the new SQL Server, and it's cumbersome to make sure that everything works. Omada Identity is a complex solution and could still be improved."
"As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively."
"The solution requires more simplified customization. However, part of the problem is my clients determining their own preferences. Technology can help and do many things, but you have to define your own policies to ensure that the solution or service works within those parameters. Helping customers understand their business and different processes is another issue not relating to the functionality of this solution."
"The solution could improve by adding more advertising and marketing."
"I find that it's quite expensive for just an open-source system. Support is quite expensive."
"In an upcoming release, the solution could improve by limiting the need to do customizations."
"It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers."
"ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant."
"It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
"I think there is room for improvement with actually discussing, and advertising Microsoft as a an authenticator. Many people just get confused and use Google, and I think if Microsoft would make more of an effort to penetrate the market, that would be key."
"The synchronization between my AD and Azure AD needs improvement."
"The product could be more cost-effective."
"The Cloud Provisioning Agent cannot provision a lot of the information that AD Connect does. For starters, the lightweight version cannot synchronize device information. If you have computers on-premises, the information about them will not be synchronized by the Cloud Provisioning Agent. In addition, if you have a user on the cloud and he changes his password, that information should be written back to the on-premises instance. But that workflow cannot be done with the lightweight agent. It can only be done with the more robust version."
"The conditional access rules are a little limiting. There's greater scope for the variety of rules and conditions you could put in that rules around a more factual authentication for other users. If you have an Azure AD setup, you can then connect to other people's Azure AD, but you don't have a huge amount of control in terms of what you can do. Greater control over guest users and guest access would be better. It's pretty good as it is but that could be improved."
"At first, it was a bit challenging to come up with a workaround that would get authentication to work."
"The ability to manage and authenticate against on-premises solutions would be beneficial."
"Having more training would be quite helpful."
ForgeRock is ranked 6th in Identity Management (IM) with 27 reviews while Microsoft Entra ID is ranked 1st in Identity Management (IM) with 190 reviews. ForgeRock is rated 8.0, while Microsoft Entra ID is rated 8.6. The top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". On the other hand, the top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". ForgeRock is most compared with SailPoint Identity Security Cloud, Ping Identity Platform, Auth0, Symantec Siteminder and Saviynt, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Ping Identity Platform and Okta Workforce Identity. See our ForgeRock vs. Microsoft Entra ID report.
See our list of best Identity Management (IM) vendors and best Access Management vendors.
We monitor all Identity Management (IM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.