We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Its ability to provide secure connections to people at all locations is the most valuable. It is mostly used by enterprises."
"The ability to grant access to other organizations is helpful."
"Single sign-on provides flexibility and helps because users don't want to remember so many passwords when logging in. It's a major feature. Once you log in, you have access to all the applications. It also enables us to provide backend access controls to our users, especially when it comes to groups, as we are trying to normalize things."
"The most valuable feature is the ability to set up conditional access, where you can enforce users to connect using multifactor authentication."
"Multi-factor authentication (MFA) has improved our customers' security posture. Multi-factor authentication has two layers of authentication, which helps in case you input your credentials into a phishing website and then it has access to your credentials. So if they use your credentials, then you have proof on your phone that was sent to the end user."
"It is cloud based so it is always updated,"
"The cloud security part is very valuable. Security is the most important thing in today's world. With Azure Active Directory, there are some features that tell you how you need to improve your security level. It informs you if you set up certain policies, e.g., this is where my users sign in. It tends to let you know if your organization has been breached with this security set up. Therefore, it is easier to know when you have been breached, especially if you set up a Conditional Access policy for your organization."
"It offers features that improve our security posture such as multifactor authentication, which is the second layer of protection that is used when we log into the cloud."
"The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users."
"ForgeRock has CIAM, which other products didn't have, and they have DevOps ready."
"Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process."
"I like the intelligent authentication feature."
"Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users."
"We create and define the permissions and configurations for the users."
"The solution integrates well and it is important for them to keep up with the current trends in the market quickly enough, and they have been doing a good job at it."
"Having a single sign-on to all our applications."
"The most valuable features depend on a customer's needs. Our customers generally find multi-factor authentication very useful."
"The initial setup is easy."
"The support for YubiKey is really good because you don't actually have to type in your username and password."
"The most valuable features are ease of operation and visibility."
"The MFA part is the best. MFA provided most of the security that we were looking at with respect to the second level of authentication. Okta Workforce Identity provides a number of options with respect to multifactor authentication, such as the app, phone call, and text. These options provide different ways of logging in for users, and they were a lot more than what we needed. This is certainly a very good feature of Okta Workforce Identity."
"It is dependent on the evolution of your user base. It depends on usage per user, so the more sign-ins there are, the more expensive it becomes, so it works best for smaller companies from a financial perspective."
"The solution so far has been very stable."
"I would like it to be easier to integrate third-party applications."
"The support for identification to the application environment could be improved, e.g., Active Directory Federation Services should be implemented in other applications. They need something like software development kits (SDKs) for integration with our own applications, which is not so easy to implement. We would also like synchronization of identities between identities in applications like Azure."
"Everything should be in one package. There are so many different packages. They need to provide guidance because there are so many features and we don't know how to implement them in our organization."
"The monitoring dashboard could be a bit better."
"It would be ideal if the solution moved to a passwordless type of environment. It's the future of authentification. It's also more secure and convenient."
"My understanding is, in the future, they will be able to bring everything into one single platform and they are not there yet."
"There is a concept of cross-tenant trust relationships, which I believe Microsoft is actively pursuing. That is something which in the coming days and years to come by will be very key to the success of Azure Active Directory, because many organizations are going into mergers and acquisitions or spinning off new companies. They will still have to access the old tenant information because of multiple legal reasons, compliance reasons, and all those things. So, there should be some level of tenant-level trust functionality, where you can bring people from other tenants to access some part of your tenant application. So, that is an area which is growing. I believe Microsoft is actively pursuing this, and it will be an interesting piece."
"The Azure AD Application Proxy, which helps you publish applications in a secure way, has room for improvement. We are moving from another solution into the Application Proxy and it's quite detailed. Depending on the role you're signing in as, you can end up at different websites, which wasn't an issue with our old solution."
"In an upcoming release, the solution could improve by limiting the need to do customizations."
"I find that it's quite expensive for just an open-source system. Support is quite expensive."
"The solution requires more simplified customization. However, part of the problem is my clients determining their own preferences. Technology can help and do many things, but you have to define your own policies to ensure that the solution or service works within those parameters. Helping customers understand their business and different processes is another issue not relating to the functionality of this solution."
"It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers."
"Automatic Deployment needs improvement. it could be made easier."
"It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
"We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced."
"It can have more API integrations."
"SSO and MFA for improved end-user experience, and protection against password spray attacks, account password self-service."
"The pricing could be improved."
"The solution can be quite expensive."
"The guest user access could be improved."
"There are some issues with the interface that can be improved."
"It would be pricing, which is a tough one because it goes against Microsoft. A lot of companies say they're a Microsoft partner, and they get all their software for free. Okta is like a luxury product, and it's not the most affordable one. I would say if they could work on pricing, it would help. Other than that, they've done great strides in developing a product that is really good. The companies that do see the value tend to invest in it."
"The lifecycle management part can be improved. It should also have identity governance and the ability to choose a specific factor authentication at the application level. Its licensing and pricing can also be improved."
"Licensing fees are paid on a monthly basis and the cost depends on the number of users."
"I think we're on the E3 — I think it was about 35 dollars per user."
"For you to make use of some of the security features, you need to upgrade your licenses. If it is possible, could they just make some features free? For instance, for the Condition Access policy, you need to set that up and be on Azure AD P2 licensing. So if they could make it free or reduce the licensing for small businesses, that would be cool, as I believe security is for everyone."
"For the Czech people, the solution is not cheap, as we are not a rich country. However, for most countries, the product pricing is acceptable."
"If you are dealing with one supplier with an out-of-the-box solution, which provides you end-to-end capabilities, then it is naturally cheaper and less of a headache to manage and operate."
"We have various levels of their licensing, which includes users on different levels of their enterprise offering."
"Azure Active Directory is more expensive than Google, but the capabilities they provide are superior."
"The E5 plan we are using contains the premium plans for Azure Active Directory. We are not paying only for the Azure Active Directory Premium licenses. We have it already included within our E5 plan."
"It's a bit pricey and could be more competitive."
"Its price is comparable to other products in the market."
"We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years."
"The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end."
"Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more."
"The pricing of the solution is fair but I do not have the full details."
"It is costly for large companies."
"It could be a bit too pricey for small companies. Okta Workforce Identity can add a lot of benefits, but smaller companies may not have a lot of applications that need to be managed by Okta Workforce Identity. In larger organizations, there are more departments, applications, and users to manage. Okta Workforce Identity adds a bit more value to those bigger organizations. In addition to standard licensing fees, there are also additional costs for things"
"It has a yearly subscription. As compared to its competitors, it is quite expensive. It also has a complex licensing model."
"License is around US$20,000 annually."
"The price of this product could be lower."
"I believe it competes well. The pricing is pretty competitive. I know that Microsoft also provides something similar with its MFA and identity services."
The Azure Active Directory (Azure AD) enterprise identity service provides single sign-on and multi-factor authentication to help protect your users from 99.9 percent of cybersecurity attacks. With Azure Active Directory, you get:
- Single sign-on enabling access to your apps from anywhere
- Conditional Access and multi-factor authentication to help protect and govern access
- A single identity platform to engage with internal and external users more securely
- Developer tools to easily integrate identity into your apps and services
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Okta is an enterprise grade identity management service, built from the ground up in the cloud and delivered with an unwavering focus on customer success. With Okta, IT can manage access across any application, person or device. Whether the people are employees, partners or customers or the applications are in the cloud, on-premises or on a mobile device, Okta helps IT become more secure, make people more productive, and maintain compliance. Okta is an on-demand identity and access management service for web based applications, both in the cloud and behind the firewall.
ForgeRock is ranked 3rd in Access Management with 7 reviews while Okta Workforce Identity is ranked 2nd in Access Management with 15 reviews. ForgeRock is rated 7.4, while Okta Workforce Identity is rated 8.6. The top reviewer of ForgeRock writes "Good for multi-client setups and easy to implement but the scalability seems uncertain". On the other hand, the top reviewer of Okta Workforce Identity writes "Good product with ease of deployment, ease of use, speed of delivery, and easy integration with other software". ForgeRock is most compared with SailPoint IdentityIQ, CyberArk Privileged Access Manager, PingID, Saviynt and OpenIAM Identity Governance, whereas Okta Workforce Identity is most compared with Google Cloud Identity, SailPoint IdentityIQ, Auth0, OneLogin Workforce Identity and Saviynt. See our ForgeRock vs. Okta Workforce Identity report.
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.