• Home
  • ForgeRock vs. Microsoft Entra ID

ForgeRock vs Microsoft Entra ID comparison

Cancel
You must select at least 2 products to compare!
Omada Logo
Omada Identity
Read 46 Omada Identity reviews
3,703 views|1,526 comparisons
93% willing to recommend
Ping Identity Logo
ForgeRock
Read 27 ForgeRock reviews
3,674 views|2,480 comparisons
91% willing to recommend
Microsoft Logo
Microsoft Entra ID
Read 190 Microsoft Entra ID reviews
8,360 views|6,126 comparisons
94% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
ForgeRock vs. Microsoft Entra ID
May 2024
Executive Summary

We performed a comparison between ForgeRock and Microsoft Entra ID based on real PeerSpot user reviews.

Find out in this report how the two Identity Management (IM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed ForgeRock vs. Microsoft Entra ID Report (Updated: May 2024).
Download the complete report
772,679 professionals have used our research since 2012.
Featured Review
Thorsten Brüggemann
Helps with compliance, and replaces middleware, but it is challenging when handling large amounts of data
The main benefits of Omada Identity lie in its regulatory compliance capabilities. This is particularly important for companies like ours that... Read more →
Trisha Bhola
It's easier to customize and maintain our code
With ForgeRock, we don't need to do everything independently because it's a PaaS. Before ForgeRock, we used our own custom authentication... Read more →
Dumebi Chukwuemeka
Provides a single pane of glass, improves our security posture, and saves us time
Microsoft Entra ID offers a single pane of glass for managing user access. This unified interface provides essential notifications and guidance if... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It has a very user-friendly interface compared to what we are used to, and it is highly configurable. In the old solution, when we needed to do something, we had to have a programmer sitting next to us, whereas, in Omada Identity, everything is configurable.""We used to have a problem where an employee's access wasn't terminated when they left the company. Now, we have much better visibility into and control over who has access.""The teams we work with at Omada provide great insights and support. Overall, it has been a pleasure working with them. That's the part we value the most.""The most valuable aspects of Omada Identity for me are the automation capabilities.""As an administrator, we benefit from a lot of functionality that is available out of the box, but it is also configurable to meet our specific needs.""The administrative features and SoD are valuable.""I appreciate all the support we receive from Omada.""The most valuable functionality of the solution for us is that when employees stop working for the municipality, they are automatically disabled in Active Directory. Omada controls that 100 percent. They are disabled for 30 days, and after that time Omada deletes the Active Directory account. The same type of thing happens when we employ a new person. Their information is automatically imported to Omada and they are equipped with the roles and rights so they can do their jobs."

More Omada Identity Pros →

"We create and define the permissions and configurations for the users.""We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks.""ForgeRock has CIAM, which other products didn't have, and they have DevOps ready.""ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations.""The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users.""I like the way it is handling authentication and authorization.""The most valuable features of ForgeRock are social login and data protection.""Easy to navigate, handle and manage the applications."

More ForgeRock Pros →

"What I like about Microsoft Authenticator is that it has good features. I also like that the tool is straightforward to use. Microsoft Authenticator also has a good UI that's very simple to use. I also like that I didn't find any limitations or negative aspects from the features of the tool because Microsoft Authenticator is not an extensive application. It has a two-factor based authentication which validates the user through the password, then it approves authentication.""The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD.""It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.""It is great for mom-and-pop shops or small businesses that are truly coming into the enterprise ecosystem and that have not come from a legacy environment.""I like the way it communicates to the cloud.""The solution adds an extra layer of security.""Application integration is easy. MFA and password self-service have reduced most of the supportive work of IT. We use multi-factor authentication. Every access from a user is through multi-factor authentication. There is no legacy authentication. We have blocked legacy authentication methods. For people who use the MDM on mobile, we push our application through Intune. In a hybrid environment, users can work from anywhere. With Intune, we can push policies and secure the data.""With Azure Active Directory we were able to manage with different options the access for different users."

More Microsoft Entra ID Pros →

Cons
"We are still on Omada on-prem, but I understand that when Omada is in the cloud, you cannot send an attachment via email. We have some emails with attachments for new employees because we have to explain to them how to register and do their multi-factor authentication. All that information is in the attachment. People have to do that before they are in our system. We cannot give them a link to our Intranet and SharePoint because they do not yet have access. They have to register before that, so I need to send the attachments, but this functionality is not there in the cloud.""What I would most like to see added to the product is role management, especially enterprise or business role management, and the processes around that.""Omada's performance could be better because we had some latency issues. Still, it's difficult to say how much of that is due to Omada versus the resources used by our other vendors in our on-prem environment. Considering the resources we have invested into making it run well, it's slightly slower than we would expect.""If I had to name one thing, it would be the user interface (UI).""The comprehensiveness of Omada's out-of-the-box connectors for the applications we use could be better. We are getting a new HR system called Cornerstone for which they do not have an out-of-the-box connector, so we have to take the REST connector and play around with it.""When you do a recalculation of an identity, it's hard to understand what was incorrect before you started the recalculation, and which values are actually updated... all you see are all the new fields that are provisioned, instead of seeing only the fields that are changed.""We are trying to use Omada's standards and to adapt our processes. But we have had some trouble with the bad documentation. This is something that they could improve on. It has not been possible for us to analyze some of the problems so far, based on the documentation. We always need consultants. The documentation should include some implementation hints and some guidelines for implementing the processes.""Omada Identity has two main issues that need to be solved or improved the most. One is its setup or installation process because it's complex and cumbersome. I'm talking about the process for on-premises deployment because I've never tried the cloud version of Omada Identity. Setting up the cloud version should be much easier. The second area for improvement in Omada Identity is that it's piggybacking on Microsoft's complex way of having all kinds of add-ons, extensions, or setups, whether small or large, such as the new SQL Server, and it's cumbersome to make sure that everything works. Omada Identity is a complex solution and could still be improved."

More Omada Identity Cons →

"As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively.""The solution requires more simplified customization. However, part of the problem is my clients determining their own preferences. Technology can help and do many things, but you have to define your own policies to ensure that the solution or service works within those parameters. Helping customers understand their business and different processes is another issue not relating to the functionality of this solution.""The solution could improve by adding more advertising and marketing.""I find that it's quite expensive for just an open-source system. Support is quite expensive.""In an upcoming release, the solution could improve by limiting the need to do customizations.""It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers.""ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant.""It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."

More ForgeRock Cons →

"I think there is room for improvement with actually discussing, and advertising Microsoft as a an authenticator. Many people just get confused and use Google, and I think if Microsoft would make more of an effort to penetrate the market, that would be key.""The synchronization between my AD and Azure AD needs improvement.""The product could be more cost-effective.""The Cloud Provisioning Agent cannot provision a lot of the information that AD Connect does. For starters, the lightweight version cannot synchronize device information. If you have computers on-premises, the information about them will not be synchronized by the Cloud Provisioning Agent. In addition, if you have a user on the cloud and he changes his password, that information should be written back to the on-premises instance. But that workflow cannot be done with the lightweight agent. It can only be done with the more robust version.""The conditional access rules are a little limiting. There's greater scope for the variety of rules and conditions you could put in that rules around a more factual authentication for other users. If you have an Azure AD setup, you can then connect to other people's Azure AD, but you don't have a huge amount of control in terms of what you can do. Greater control over guest users and guest access would be better. It's pretty good as it is but that could be improved.""At first, it was a bit challenging to come up with a workaround that would get authentication to work.""The ability to manage and authenticate against on-premises solutions would be beneficial.""Having more training would be quite helpful."

More Microsoft Entra ID Cons →

Pricing and Cost Advice
  • "The pricing is too high for SMBs."
  • "Omada continues to be very competitive on pricing, especially on the Omada cloud product."
  • "The initial total cost of ownership to implement Omada Identity is not small. The TCO for the implementation is as high as any other solution. However, the cost of maintaining the solution is at par or lower than competitors, including adding more features or maintaining the system after the initial deployment or installation to make sure that they are available for users to use or extending the functionalities of those activities. Those maintenance costs are lower than other vendors, but the initial cost of getting the system installed is still high."
  • "It is licensed per managed user per year."
  • "There were a lot of administrator, partner, and supplier accounts for people who were no longer working for us but still in the system. So, we reduced the number of users no longer with the company, which saved us some money on licensing."
  • "It's a fair price for the on-premises system. Compared with what we had before, it's much cheaper and we get all the modules in one. We tried to go with the cloud, but it was far too expensive."
  • "From an on-prem point of view, the cost is quite transparent and reasonable. The direct cost is primarily for licenses and maintenance on licenses."
  • "My client deals directly with the Omada Identity team in terms of licensing. I never look at pricing, so I'm not aware of how much the solution costs, but it's worth the money. Often, when you begin to use Omada Identity and it takes a while to set up, it'll be irreversible, and you'd depend on and focus more on the functionality of the solution, rather than its price tag."

    • More Omada Identity Pricing and Cost Advice →

  • "It's a bit pricey and could be more competitive."
  • "We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years."
  • "Its price is comparable to other products in the market."
  • "Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more."
  • "The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end."
  • "The pricing of the solution is fair but I do not have the full details."
  • "ForgeRock's pricing is more competitive than other products."
  • "ForgeRock is an expensive solution."

    • More ForgeRock Pricing and Cost Advice →

  • "The licensing cost is a bit prohibitive."
  • "The licensing is really not clear unless you are a premium client."
  • "Licensing is easy."
  • "It is a really nice tool and we have a license for the more complex model."
  • "It is not too expensive."
  • "It's really affordable."
  • "I do not have experience with pricing."
  • "Licensing fees are paid on a monthly basis and the cost depends on the number of users."

    • More Microsoft Entra ID Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Identity Management (IM) solutions are best for your needs.
    See Recommendations
    772,679 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Omada Identity?
    Top Answer:We don't have to go in and do a lot of the work that we did before. It may have saved us somewhere in the range of 10 to… more »
    Read all 13 answers   →
    What is your experience regarding pricing and costs for Omada Identity?
    Top Answer:My client deals directly with the Omada Identity team in terms of licensing. I never look at pricing, so I'm not aware… more »
    Read all 6 answers   →
    What needs improvement with Omada Identity?
    Top Answer:There are some technical bits and pieces that we have looked at that could be better. For instance, when you do a… more »
    Read all 13 answers   →
    What do you like most about ForgeRock?
    Top Answer:The most valuable features of ForgeRock are social login and data protection.
    Read all 20 answers   →
    What is your experience regarding pricing and costs for ForgeRock?
    Top Answer:ForgeRock is an expensive solution.
    Read all 12 answers   →
    What needs improvement with ForgeRock?
    Top Answer:The solution's deployment should be made easier.
    Read all 21 answers   →
    How does Duo Security compare with Microsoft Authenticator?
    Top Answer:We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo… more »
    What do you like most about Azure Active Directory?
    Top Answer:It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We… more »
    Read all 102 answers   →
    What is your experience regarding pricing and costs for Azure Active Dire...
    Top Answer:It is worth the money.
    Read all 84 answers   →
    Comparisons
    Also Known As
    Omada Identity Suite, Omada Identity Cloud
    ForgeRock Identity Platform, ForgeRock OpenIDM
    Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
    Learn More
    Omada
    Video Not Available
    Ping Identity
    Microsoft
    Interactive Demo
    Omada
    Demo Not Available
    Ping Identity
    Demo Not Available
    Microsoft
    Watch a demo
    Overview

    Omada Identity delivers an end-to-end identity and access management solution with essential identity governance functionality for secure, compliant, and efficient administration of all users' access rights across on-premises or cloud-based systems. The solution provides configurable best practice processes that covers all identity and access related scenarios from providing an access risk overview, management of identities lifecycle, to automated enforcement of policies.

    ForgeRock is a comprehensive open-source identity and access management solution designed to meet the unique needs of your users and workforce. With ForgeRock you can orchestrate, manage, and secure the complete lifecycle of identities in any cloud or hybrid environment. ForgeRock allows you to set up bot detection, identity proofing, and risk-based authentication.

    With ForgeRock, you can define access policies and automate the management of the identity lifecycle all from a central, easy to use, and graphical dashboard. ForgeRock Access Management allows you to build safe authentication using options like passwordless and usernameless logins, single sign-on, biometrics, contextual analytics, and behavioral authentication. When threats appear, you can swiftly change how your users access your most sensitive applications and provide users with secure access to the applications, systems, and resources they need on demand.

    ForgeRock Benefits and Key Features

    • Elevate your security and efficiency: Consolidating your legacy systems under one single platform provides reliable, unified control over all your user identities and access-related policies. ForgeRock Access Management also supports scaling existing policies for application onto new setups.

    • Passwordless authentication: Implementing passwordless authentication is simple with ForgeRock Access Management. You can easily replace user-selected passwords with other options, such as easy multi-factor authentication, biometrics, and SSO.

    • Identity governance: ForgeRock Identity Governance is a modern, AI-driven identity governance solution. By leveraging ForgeRock generated analysis reports, you can identify and apply appropriate user access, automate high-confidence access approvals, recommend certification for low-risk accounts, and review high-risk and inappropriate user access privileges. In addition, you can grant and enforce access to systems, applications, and infrastructure according to established policies.

    Reviews from Real Users

    ForgeRock stands out among its competitors for a number of reasons. Two major ones are its robust identity and access tools and its being easy to manage and scale with one central dashboard.

    PeerSpot users note the effectiveness of these features. A technology solutions leader at an outsourcing company writes, “We need it for multiple clients, multiple implementations. Not all of them are necessarily a multi-tenant solution. We need a very versatile solution that can do a lot of work, but from a single instance that we can centralize authentications and we don't duplicate the efforts and that's where ForgeRock seems to do better.”

    Mohamed B., a cyber security consultant at a tech company, writes, "Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users. ForgeRock secured our system so that it is accessed only by authorized people, and it implemented the SSO."

    Microsoft Entra ID, previously known as Azure AD (Active Directory), is Microsoft's cloud-based identity and access management (IAM) solution. Designed to help organizations of all sizes manage user identities and create an intelligent security perimeter around their cloud and on-premise resources. Microsoft Entra ID or Azure AD is integral to the Microsoft 365 and Azure ecosystems. It provides a robust set of capabilities to manage users and groups and secure access to applications in a centralized, streamlined manner.

    Microsoft Entra ID (Azure AD) is a login system, morphing into a sophisticated identity and access management (IAM) solution for the modern, hybrid workplace. Imagine a single vault for all your digital keys – that's the essence of Entra ID's identity management. It acts as a central repository for user identities, encompassing usernames, passwords, and even additional attributes like department or employee role.

    These capabilities enabled simplified administration using a unified platform for adding, modifying, and deleting user accounts. Users no longer need to remember login credentials for a plethora of applications. Entra ID streamlines access by using the same identity across various cloud services and on-premises resources (if integrated). Centralized identity management allows for stricter enforcement of security policies and password complexity requirements across the organization.

    Authentication sits at the heart of the solution, ensuring only authorized users gain access to sensitive resources. It employs a multi-pronged approach:

    • Password Authentication: The traditional method of username and password is still supported, but Entra ID encourages stronger authentication methods.
    • Multi-Factor Authentication (MFA): Adding an extra layer of security, MFA requires users to verify their identity beyond just a password – through a code sent to their phone, fingerprint recognition, or a security key.
    • Single Sign-On (SSO): This user-friendly feature eliminates the need to enter credentials repeatedly. Users sign in once to Entra ID and gain seamless access to all authorized applications, boosting productivity.
    • Conditional Access Policies: Providing granular control over how and when users can access resources. Based on conditions like user role, location, device state, and the application being accessed, Conditional Access policies help ensure that only the right people under the right conditions can access sensitive resources.
    • Seamless Integration: Seamless integration with thousands of SaaS applications, Microsoft 365, and on-premises applications via Application Proxy or third-party identity bridges.
    • Advanced Security Reports and Alerts: Sophisticated security monitoring, reporting tools, and automated alerts. These features enable to identify potential security issues, such as atypical behavior or attempted identity attacks, allowing for swift remediation actions.

    For organizations with on-premises infrastructure, Microsoft Entra ID (Azure AD) offers hybrid identity options. This allows for a smooth integration between on-premises Active Directory and Entra ID, providing a consistent identity for users across both environments. It enables organizations to leverage their existing investments in on-premises infrastructure while taking advantage of cloud scalability and flexibility.

    In conclusion, Microsoft Entra ID (Azure AD) is a comprehensive IAM solution that addresses the complex challenges of managing and securing identities in a cloud-centric world. Its blend of ease of use, security, and integration capabilities makes it an essential component of modern IT infrastructure, supporting both operational efficiency and strategic business objectives.

    Additional links:

        Sample Customers
        Bayer, ECCO Shoes, Vattenfall, NuStar Energy, Unicredit, Schiphol Group
        Geico, Thomson Reuters, Salesforce, McKesson, Trinet, SKY, BNP Paribas, Deloitte, Capgemini, North Western University
        Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
        Top Industries
        REVIEWERS
        Government16%
        Computer Software Company13%
        Retailer13%
        Financial Services Firm11%
        VISITORS READING REVIEWS
        Financial Services Firm16%
        Computer Software Company13%
        Manufacturing Company7%
        Government7%
        REVIEWERS
        Financial Services Firm27%
        Non Profit9%
        Cloud Solution Provider9%
        Comms Service Provider9%
        VISITORS READING REVIEWS
        Financial Services Firm22%
        Computer Software Company13%
        Government8%
        Manufacturing Company7%
        REVIEWERS
        Financial Services Firm14%
        Computer Software Company14%
        Non Profit6%
        Educational Organization5%
        VISITORS READING REVIEWS
        Educational Organization26%
        Computer Software Company12%
        Financial Services Firm9%
        Government6%
        Company Size
        REVIEWERS
        Small Business16%
        Midsize Enterprise6%
        Large Enterprise78%
        VISITORS READING REVIEWS
        Small Business18%
        Midsize Enterprise14%
        Large Enterprise68%
        REVIEWERS
        Small Business37%
        Midsize Enterprise15%
        Large Enterprise48%
        VISITORS READING REVIEWS
        Small Business18%
        Midsize Enterprise9%
        Large Enterprise73%
        REVIEWERS
        Small Business33%
        Midsize Enterprise14%
        Large Enterprise53%
        VISITORS READING REVIEWS
        Small Business18%
        Midsize Enterprise35%
        Large Enterprise47%
        Buyer's Guide
        ForgeRock vs. Microsoft Entra ID
        May 2024
        Free Report: ForgeRock vs. Microsoft Entra ID
        Find out what your peers are saying about ForgeRock vs. Microsoft Entra ID and other solutions. Updated: May 2024.
        DOWNLOAD NOW
        772,679 professionals have used our research since 2012.

        ForgeRock is ranked 6th in Identity Management (IM) with 27 reviews while Microsoft Entra ID is ranked 1st in Identity Management (IM) with 190 reviews. ForgeRock is rated 8.0, while Microsoft Entra ID is rated 8.6. The top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". On the other hand, the top reviewer of Microsoft Entra ID writes "Saves us time and money and features Conditional Access policies, SSPR, and MFA". ForgeRock is most compared with SailPoint Identity Security Cloud, Ping Identity Platform, Auth0, Symantec Siteminder and Saviynt, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Ping Identity Platform and Okta Workforce Identity. See our ForgeRock vs. Microsoft Entra ID report.

        See our list of best Identity Management (IM) vendors and best Access Management vendors.

        We monitor all Identity Management (IM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.