Over 265,036 professionals have used IT Central Station research.
Compare the best Single Sign-On (SSO) vendors based on product reviews, ratings, and comparisons.
All reviews and ratings are from real users, validated by our triple authentication process.
The total ranking of a product, represented by the bar length, is based on a weighted aggregate score.
The score is calculated as follows: The product with the highest count in each area gets the highest available score.
(20 points for Reviews; 16 points for Views, Comparisons, and Followers.)
Every other product gets assigned points based on its total in proportion to the #1 product in
that area. For example, if a product has 80% of the number of reviews compared to the product
with the most reviews then the product's score for reviews would be 20% (weighting factor) *
80% = 16. For Average Rating, the maximum score is 32 points awarded linearly based on our
rating scale of 1-10. If a product has fewer than ten reviews, the point contribution
for Average Rating is reduced (one-third reduction in points for products with 5-9 reviews;
two-thirds reduction for products with fewer than five reviews). Reviews that are more than 24 months old,
as well as those written by resellers, are completely excluded from the ranking algorithm.
The IT Central Station community agrees that the two most necessary requirements of single sign-on solution are security and widespread usability. Users said the solution should support SSPI (Security Support Provider Interface), computer network authentication protocols such as Kerberos, and PAM (Pluggable Authentication Modules) like OAuth 2.0, along with lightweight directory access protocol applications.
Single Sign-On (SSO) Reviews
Read reviews of Single Sign-On (SSO) that are trending in the IT Central Station community:
Your trust is our top concern, so companies can't alter or remove reviews.
The most valuable feature is that it meets the requirements of the customer. You have a lot of features in the product. Every product has them, but the question is, are these products going to meet the requirement of the customer? Because, if... more»
If I describe what actually happened, a little bit of the business case, that will help you to understand what it was like. The customer is the kind of customer that really doesn't want to share anything. When a person joins that... more»
I think the future release is, if you ask me, I think they have done a lot in the new release, especially the front end. The front end was not as good. CA did a good job in doing it, especially when I look at the new identity suite. They have... more»
Better documentation. I went through some sessions on single sign-on for version 12.7. Whatever features we are looking for from a REST API perspective, they will be there. So far, it is good. We have to implement it, and figure out what is... more»
As our identity model continues to mature, probably the Federation is most valueable. In IT, you're seeing a large shift to the cloud, and to using software as a service applications and, because of that, you still need to be able to securely... more»
I've talked to them about this: I'd like to see a rework of the user directory configuration. In Single Sign On, whenever you set up a new user directory, there is a pretty specific number of hoops that you have to jump through in order to... more»
The most valuable feature is that it takes a lot of the logic for authentication and authorization out of the hands of your application and moves it into a centralized framework. Once we have our authentication and authorization policies set,... more»
It has reduced developer costs; we get some of that back. Before, when we used a tool that was engineered in-house, it still required a lot of developer resources. Every time we created a new application, it needed to integrate into our... more»
One thing that we found a little difficult, was the default functionality to understand error messages coming back from a directory. You had to either use an add-on product or an advanced password service or perhaps change components within... more»
Federation, for sure, because we have a lot of third-party vendors that we need to integrate with, and this is a turnkey solution in some ways. The Directory is secure. It's our user store, and it's important to keep our members safe. The... more»
I think they need to integrate some of the newer types of authentication into the product. I'm not seeing the innovation when it comes to biometrics in the product. Also, easier integration with third-party partners to OpenID Connect because... more»
It presents a standard pattern for people to secure their applications. In that regard, along with the tooling that we've built around the product, but the product itself as well facilitates app teams being able to do their application... more»
I think our questions, from me and our team, relate potentially to other products in the CA portfolio. There are other things such as strong authentication, risk-based authentication, and especially API management, which all represent a... more»
Single Sign-On functionality is valuable because the core purpose of the product is to allow universal (or bespoke) SSO for application suites. These are heavily customizable and can fully integrate with in-house provisioning systems.
Allows users to use a single password across a set of multi-tenant application suites. This would have otherwise required 50-100 unique passwords per application. This allows the user to inject a centralized password (a.k.a. authentication... more»
The profiling element is incredibly robust, but also equally as complex, it requires an off-site course to be able to understand the context or the plethora of options available. The majority of the "IMS profiles" we use are too dangerous to... more»
The most valuable feature is being able to debug problems, even though it can be a little bit complex and you have to know quite a bit to be able to dig around, root around, and figure out what the problem is. But I think getting into it,... more»
It definitely makes customers' or users' lives easier. People don't really appreciate it until they don't have it. Once everyone has SSO, if you took it away, they'd say something like, "Oh my God. I've got to put my password in every single... more»
* I would like to have a really simple interface; a more modernesque, cloud-based interface, with dynamic real-time information on the various configurations or object configuration points that associate with the applications. * Ease-of-use *... more»
WebSEAL is a reverse proxy web server that performs authentication and authorizations. It is similar to CA SiteMinder Secure Proxy Server. The advantage of WebSEAL is that WebSEAL supports SPNEGO protocol and Kerberos authentication to... more»
The combination of TAM with IDM in IBM Tivoli Identity Manager helped us to realize robust and secure authentication infrastructure in accordance with industry regulations and laws. * Providing centralized authentication authority and enforce... more»
Due to a constraint of the built-in browser in a Handy phone (called NTT i-Mode), the former version of TAM could not be used in the Japan market. The issue was resolved by the decline of Japan-specific Handy phones. Cookies were not... more»
There is no group inheritance. The management through the plugin is poor. It consumes tons of client resources especially as an administrator. The plugin crashes from time to time. URL recognition is difficult especially when adding new... more»
It provides the breadth and the width to provide solutions for the different kinds of technologies which we have. Stability is the most important thing for us. It just allows the user a simple, one way of authenticating. They really made life simple for the user and and the user experience has improved. The user doesn't have to memorize and retain many... more»
As we are moving in to the mobility space, this is where we really see SiteMinder and their other product really come together to provide a solution base to a different area where the IoT is coming, the different business communications are happening. All of those things require authentication and we really want to see this product grow into that role.
SSO provides out-of-the-box authentication for the majority of the apps; and it provides a holistic solution for the company. Right now, we are using an on-premise solution. If we want to move to the Cloud, CA has that solution as well. So... more»
SSO has impacted security on the whole. It has provided a very good user experience. We have recently moved from an experience in which users had to log in multiple times. Now they love it because they don't even have to have a log in because... more»
CA has come up with and has talked about Cloud-based solutions. I would like to see more mature ideas than what they're providing. I'm sure they have that on their roadmap. There are certain integration points that can be leveraged and made... more»
People do not have to remember 35 to 40 usernames and passwords. They have a link to go to their page that they need to work on, and it is there. It knows it is them. If we lose an employee, they no longer can sign in from anywhere in the... more»
I would prefer to see their SAML integration be a more streamlined and easier interface, more like PingFederate's interface. Their product works just as well for that use case, but we do not use it, because it is a much larger learning curve... more»
We can access our sign-ins and passwords on up to five devices per user. This means I can access a given site and my login and password for that site from my home and office computers as well as my phone and iPad. We can share passwords and... more»
I personally add fields and save contact phone numbers or agency codes which I now can access wherever I am. I used to have to wait until I got to the office to get a password or some key information. It has saved me trips. We have 16 people... more»
I am very satisfied with the current features. They could possibly add a pre-designed contact feature that would work similar to a cell phone contact feature. The information that I need along with the web address and the passwords is often... more»
There are a few valuable features in this product, such as single sign-on and web access management. Centralized control to enforce security for the entire enterprise and complete visibility of the policies which we implement for most of the... more»
It improves the working of our organization in the way that it secures most of the web applications or mobile applications. In addition, we don't have to depend on any other application teams to do any custom coding, as such.
Some of the features need to be improved. For example, the Federation feature. CA SSO is getting into that space and can definitely do better than the other products that are available. It doesn't have a lot of features. I think there is some... more»
The biggest value for us is being able to use SSO as a service that we can expose to all of our customers. For all of our customers, the idea is to have a single sign on where one account is created to access all of our systems.
It really improved the speed to market from account creation through provisioning, and onboarding. That's really one of the biggest advantages. Also, as users move from system to system, their account access follows them through it; so you... more»
I'm not sure that it needs to do any more than it already does. I think as a solution, SSO works pretty well out of the box today. Out-of-the-box integration with other products would be an improvement, like the API Gateway; how we use the... more»
One of the most valuable features is the simple FSSO (Fortinet Single Sign-On) configuration that helps to manage user-based security rules. It is a cool security product. It's easy to use, implement and maintain, but there is room for... more»
When we came across access management, we required several technical features to help manage user access to critical systems and remote access. That’s why we always go for a SSO two-factor authentication server. FortiAuthenticator is a bundle... more»
The GUI is not fancy enough and some of the settings are difficult to access. Part of the configuration has to be done by CLI, which is not friendly for security administrators. Integration with other firewalls may not be as good as expected.
A number of new features, such as application firewall and load balancer, were added to this solution. These features are no longer available as a software version, but only as an appliance (virtual or hard). The same appliance firmware... more»
It acts as a reverse proxy, a single point for authentication and authorization. Advanced access control introduces adaptive or risk-based authentication. Federation makes it possible to federate using SAML and OAuth.
I would like to see the possibility to administer the appliances from one “master” appliance, instead of having to log in to each particular appliance. If you have for example 4 appliances, two act as reverse proxy and two as master... more»
The flexibility; the multiple authentication schemes you can use; and the fact that you can use SiteMinder single sign-on to protect web services and web applications. Customer support has been great too. CA has been good with my questions,... more»
We're able to have one single centralized way of logging in when you have shared sessions across all applications. It's flexible enough to have our two factor off implementation with it. It just makes things really easy for our users, both... more»
Like I said, it's pretty flexible. I mean it's met every one of our needs so far. We're currently looking to find ways of using the same authentication, which we've never actually used in it yet. We're working with other companies now to... more»
We use it on the agent model, and we have a lot of capabilities which we leverage to do it on the different apps, so critical apps are protected better. And we do step up using this, but we are looking at other products now to do the advanced... more»
I would like to see a move towards the newer technologies, which is what we are doing right now. I think that's in the roadmap that's coming, in the 12.8 and 14 releases, but we would like to have it sooner than later.
• 20+ years of information technology experience, including twelve years of leadership/project management roles, in process analysis, software architecture, development, data modeling, implementation, infrastructure support and change control management. Analysis and design of medium to large... more>>
A results-driven and customer-focused Software Engineer with 11+ years of IT experience. A Engineer with very strong understanding of IAM concepts and processes and experience in the design and/or architecture of complex security and IAM solutions as well as products.
Last 10+ years working in... more>>
Experienced Professional with a distinguished 16-year career in the IT Infrastructure Management Services Industry. Strong track record of successfully executing IT Projects with proven history of meeting schedule and business goals. Demonstrated ability to support business transformation aiming... more>>