We performed a comparison between CyberArk Privileged Access Manager and OneLogin by One Identity based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of CyberArk Privileged Access Manager is the vault. I am satisfied with the interface and the documentation."
"We are able to centrally manage credentials, touch applications, and rotate passwords."
"It gives us the capability to rotate passwords."
"We are able to rotate credentials and have privileged account access."
"I found it valuable that CyberArk Privileged Access Manager can be integrated with PTA (privileged threat analytics), and this means that it will tell you if there's a risk to the logins and signs of risk and if risky behavior is observed. It's a good feature. Another good feature is the CPM (central password manager) because it helps you rotate the passwords automatically without involving the admins. It can go and update the scheduled tasks and the services. At the same time, if there's an application where it cannot do all of these, CPM will trigger an automatic email to the application owners, telling them that they should go ahead and change the password. This allows you to manage the account password that CyberArk cannot manage, which helps mitigate the risk of old passwords, where the password gets compromised, and also allows you to manage the security of the domain."
"Securely protects our TAP/NUID and privileged access accounts within the company."
"The most valuable aspects of the solution include password management and Rest API retrieval of vaulted credentials."
"Helped us meet our standards and requirements to help us comply with industry standards and banking regulations."
"OneLogin is efficient."
"The solution's ability to save and manage of all my passwords is great."
"Once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had."
"The solution allows the user to search logs based on a specific time."
"Ease of integration with AD."
"One aspect I particularly appreciate is their exceptional customer support whenever I've needed assistance."
"Documentation."
"When it comes to access management, the solution's single pane of glass is extremely important. The single pane of glass for access management enables collaborative work between IT and security. We have access to certain applications that require device trust. Based on the role, we can access those applications through OneLogin Desktop."
"I would like to see better usability for non-technical people."
"I would love them to improve their UI customizing features."
"Integration with the ticketing system should allow any number of fields to be used for validation before allowing a user to be evaluated and able to access a server."
"The admin interface of the Password Vault Web Access (PVWA) is moving from an old style (the classic interface) to a new style (the v10 interface) and unfortunately, this process is quite slow."
"As a customer, I might need a plugin for a specific product, or an application, and CyberArk might have already worked with some other client on it. There has to be some platform where it is available for everybody else to go and grab it, instead of my having to reinvent the wheel."
"I'd like to see a more expansive SSH tunneling situation through PSMP. Right now you have an account that exists in the vault and you say, "I want to create a tunnel using this account." I'd like to see something that is not account-based where I could say, "I want to create a tunnel to this machine over here," and then authenticate through the PSMP and then your tunnel is set up. You wouldn't need to then authenticate to a machine."
"it manages creds based on Organizational Units. That is, a "safe" is limited to specific OUs. That makes for very elaborate OU structure, or you risk exposing too many devices by putting most of them in fewer OUs."
"Initial setup is complex. Lots of architecture, lots of planning, and lots of education and training are needed."
"The tool must be made more robust."
"More off-hour support."
"While I initially used OneLogin's desktop feature to extend SSO, I discontinued it two years ago due to limitations."
"having a RESTful implementation instead of RPC would have been more desirable."
"The solution keeps going down for many hours, which impacts the entire company. You can't access any applications. OneLogin Desktop has a huge problem where it locks your computers and you need to reset the whole computer, which is pretty insane."
"I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera."
"We've been experiencing some pain points since the acquisition. For example, there have been some outages we didn't see previously, which are a big topic with my executive team. You have hundreds of applications relying on this service for login. If the service is unavailable, nobody can log into these applications."
"This product doesn't necessarily provide us with all of the functionality that we need, such as being able to share passwords with external users."
More CyberArk Privileged Access Manager Pricing and Cost Advice →
CyberArk Privileged Access Manager is ranked 1st in Privileged Access Management (PAM) with 142 reviews while OneLogin by One Identity is ranked 5th in Access Management with 16 reviews. CyberArk Privileged Access Manager is rated 8.8, while OneLogin by One Identity is rated 8.6. The top reviewer of CyberArk Privileged Access Manager writes "Lets you ensure relevant, compliant access in good time and with an audit trail, yet lacks clarity on MITRE ATT&CK". On the other hand, the top reviewer of OneLogin by One Identity writes "Integrated well and had a single pane of glass, but downtime and pricing were issues for us". CyberArk Privileged Access Manager is most compared with Cisco ISE (Identity Services Engine), Microsoft Entra ID, Delinea Secret Server, WALLIX Bastion and One Identity Safeguard, whereas OneLogin by One Identity is most compared with Auth0, Microsoft Entra ID, Okta Workforce Identity, LastPass and One Identity Manager. See our CyberArk Privileged Access Manager vs. OneLogin by One Identity report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.