We performed a comparison between ForgeRock and Microsoft Entra ID based on real PeerSpot user reviews.
Find out in this report how the two Identity Management (IM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most relevant feature is Omada's reporting engine. Omada never 'forgets' and archives every process. All steps an admin, user, or manager has executed, are recorded in Omada."
"Our customers have benefited from Omada Identity automating the certification process. Most of our customers were using manual methods for user access certification. With Omada Identity, you can automate almost all of it, which means that certification now becomes on demand. You don't have to wait for two or three months to execute a certification timeframe. Instead, you can do certifications as often as you want."
"Omada's most valuable aspect is its usability."
"You can make resources. You can import them from Azure or Active Directory and put them in an application. For example, if there is an application that uses a lot of Active Directory groups, you can make the groups available for people. If they need to access that application, you can tell them the resource groups you have for that application. People can do everything by themselves. They do not need anybody else. They can just go to the Omada portal, and they can do it all by themselves. That is terrific."
"It has a lot of out-of-the-box features. It is flexible, and there are a lot of possibilities to configure and extend it. It is user-friendly. It has an interface that is end-user or business-user friendly."
"The support for the validity of the resources is valuable. The tool allows resource assignments within a validity period so that the managers do not have to remember to revoke the access once the work is done."
"The administrative features and SoD are valuable."
"Omada's user interface is elegant and easy to work with. I like Omada's ability to automatically generate accounts for new hires and allow them access to all required systems by established policies. Around 80 percent of workers can start working immediately on their first day without requesting further access."
"I like the intelligent authentication feature."
"The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users."
"Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process."
"I like the way it is handling authentication and authorization."
"We have found the identity and access management tools in the solution to be particularly useful for our organization."
"The support is good and prompt."
"ForgeRock is an extensive product with many functionalities and capabilities, much more than many other tools combined."
"The most valuable features of ForgeRock are social login and data protection."
"The best thing about Active Directory is its compatibility. It works with lots of third-party vendors. We're using multiple products, and they're all integrated with our Active Directory."
"When logging on to Azure AD it's pretty quick."
"I would say that Azure AD's pricing is very reasonable because of the structure and in terms of the solution."
"The most valuable feature is the conditional access policies. This gives us the ability to restrict who can access which applications or the portal in specific ways."
"I like that you can run it on-premises. I also like that I can use Azure at any time as the main one."
"We use Verified ID to select and deselect users. During the pandemic, we had many users who left our organization or were no longer involved in certain projects but had their user credentials with them. To prevent data loss and data piracy, we deselected those remote users from Active Directory, and it was a very quick process."
"The most valuable feature is the factor identification. I find that it is natural integration, and it is just a natural step. I do not need to do anything else."
"Many of its features are valuable, including: facilitating application authentication, privileged access management, processes for attestation, and access reviews."
"The reporting on the warehouse data and the import process both have room for improvement."
"There's a challenge with handling large amounts of data in this system."
"Improved traceability would be helpful for administrators. For example, let's say a user's permission is being revoked. We can only see the system that has carried out a particular action but not what triggered it. If an event definition or something has changed in the criteria for the permission being removed or something like that, we don't have immediate access to that information. It takes a little detective work."
"Omada could communicate better with us about the product roadmap. We haven't gotten any updates about it. The user interface is often a bit difficult to understand. It isn't optimized for small screens, so it doesn't display all of the information clearly, so users need to scroll a lot."
"In our organization, all the data is event-driven, which means that if an attribute is changed in the source system, it can be updated within a few seconds in all end-user systems. There is room for improvement in Omada regarding that. Omada is still batch-based for some processes, so sometimes it can take an hour or even four hours before the execution is run and the update is sent."
"The security permission inside Omada needs improvement. It's tricky to set up."
"Omada's reporting functionality is limited and could benefit from greater customization."
"If I had to name one thing, it would be the user interface (UI)."
"We raised tickets asking for improvements, but sometimes we don't get the proper solution. They are responding, but the ticket is open for weeks and weeks. For some issues, we don't get a satisfactory solution or the solution doesn't work."
"We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced."
"We would like this solution to be developed for use with mobile applications."
"I think the upgrade process is sometimes a little complicated and there are failures that occur."
"The product's support services in the French language are not free."
"As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively."
"The user interface could be improved as it is cumbersome and outdated. It doesn't have a responsive UI."
"It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers."
"We would like to see more system updates."
"Azure Active Directory could benefit by adding the capability for identity life cycle for the on-premise solution. For example, an HR solution, which is built on-premise or, in general, better on-premise capable solutions."
"Sometimes, what one customer may like, another may not like it. We have had customers asking, "Why is Microsoft forcing us to do this?" For example, when you use Exchange Server on-premise, then you can customize it for your company and these customizations are unlimited. However, if you use Exchange Online or with Microsoft 365, then your ability to make modifications is limited. So, only the cloud versus is limited."
"The solution has certain limitations. For example, it has very little governance functionality."
"Microsoft has so many different requirements and priorities that sometimes they don't invest all their energy into the products that you have expectations to investigate."
"When we add some user groups, at times they will not be properly configured. Also, sometimes Azure AD is not aware of the group policy, like the control, device functions, and settings, in detail. For example, you cannot configure these settings through mobile devices. It doesn't provide the flexibility to do that. The other challenge is that a third-party application may provide access without authorization."
"The SSO MyApps interface is very basic and needs better customization capabilities."
"The support could be better. Lately, they sort of dropped off a bit in terms of quality."
ForgeRock is ranked 6th in Identity Management (IM) with 27 reviews while Microsoft Entra ID is ranked 1st in Identity Management (IM) with 190 reviews. ForgeRock is rated 8.0, while Microsoft Entra ID is rated 8.6. The top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". On the other hand, the top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". ForgeRock is most compared with SailPoint IdentityIQ, PingID, Auth0, Symantec Siteminder and Saviynt, whereas Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Yubico YubiKey and Cisco Duo. See our ForgeRock vs. Microsoft Entra ID report.
See our list of best Identity Management (IM) vendors and best Access Management vendors.
We monitor all Identity Management (IM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.