ForgeRock vs One Identity Active Roles comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between ForgeRock and One Identity Active Roles based on real PeerSpot user reviews.

Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed ForgeRock vs. One Identity Active Roles Report (Updated: March 2020).
765,386 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations.""I like the intelligent authentication feature.""ForgeRock has CIAM, which other products didn't have, and they have DevOps ready.""Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users.""The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users.""We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks.""Easy to customize and adaptable to any environment.""The solution integrates well and it is important for them to keep up with the current trends in the market quickly enough, and they have been doing a good job at it."

More ForgeRock Pros →

"The most valuable features include auditing, dynamic grouping, and creating dynamic groups based on AD attributes.""Having a tool to manage all changes to AD from a single pane of glass is awesome.""The solution is stable.""It gives us attribute-level control and the AD management features work very well.""It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool.""The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see.""Secure access is the most valuable feature.""It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."

More One Identity Active Roles Pros →

Cons
"We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced.""In an upcoming release, the solution could improve by limiting the need to do customizations.""The solution's deployment should be made easier.""The solution's documentation is not very good, and they do not give more details.""As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively.""The product's support services in the French language are not free.""ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant.""The user interface could be improved as it is cumbersome and outdated. It doesn't have a responsive UI."

More ForgeRock Cons →

"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them.""The initial setup was quite easy, but it was time-consuming. It took about three months.""For ActiveRoles, it would be good if the product supports multi-scripting language. You can use only VBScript.""The solution needs an attestation process that includes certification and recertification attestation.""The way you can search groups could be better.""The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint.""The ability to send logs to a SIEM would be very beneficial.""In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."

More One Identity Active Roles Cons →

Pricing and Cost Advice
  • "It's a bit pricey and could be more competitive."
  • "We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years."
  • "Its price is comparable to other products in the market."
  • "Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more."
  • "The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end."
  • "The pricing of the solution is fair but I do not have the full details."
  • "ForgeRock's pricing is more competitive than other products."
  • "ForgeRock is an expensive solution."
  • More ForgeRock Pricing and Cost Advice →

  • "The licensing model is a simple user-based model, not that much complicated."
  • "The price is reasonable. It costs us about 1 million Danish kroner annually, and we also spend about half as much on consultants."
  • "The pricing is on the higher end."
  • "It's fairly priced."
  • "It's expensive."
  • More One Identity Active Roles Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Access Management solutions are best for your needs.
    765,386 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The most valuable features of ForgeRock are social login and data protection.
    Top Answer:The solution's deployment should be made easier.
    Top Answer:The solution is fairly priced. That said, I have nothing to compare it to.
    Top Answer:The solution has not enabled us to reduce password reset times. It has not automated provisioning. The group attestation could be improved. It was a feature that was available in version 5. You can… more »
    Ranking
    4th
    out of 36 in Access Management
    Views
    3,330
    Comparisons
    2,257
    Reviews
    10
    Average Words per Review
    481
    Rating
    8.4
    Views
    1,813
    Comparisons
    772
    Reviews
    5
    Average Words per Review
    673
    Rating
    8.0
    Comparisons
    Also Known As
    ForgeRock Identity Platform, ForgeRock OpenIDM
    Quest Active Roles
    Learn More
    Overview

    ForgeRock is a comprehensive open-source identity and access management solution designed to meet the unique needs of your users and workforce. With ForgeRock you can orchestrate, manage, and secure the complete lifecycle of identities in any cloud or hybrid environment. ForgeRock allows you to set up bot detection, identity proofing, and risk-based authentication.

    With ForgeRock, you can define access policies and automate the management of the identity lifecycle all from a central, easy to use, and graphical dashboard. ForgeRock Access Management allows you to build safe authentication using options like passwordless and usernameless logins, single sign-on, biometrics, contextual analytics, and behavioral authentication. When threats appear, you can swiftly change how your users access your most sensitive applications and provide users with secure access to the applications, systems, and resources they need on demand.

    ForgeRock Benefits and Key Features

    • Elevate your security and efficiency: Consolidating your legacy systems under one single platform provides reliable, unified control over all your user identities and access-related policies. ForgeRock Access Management also supports scaling existing policies for application onto new setups.

    • Passwordless authentication: Implementing passwordless authentication is simple with ForgeRock Access Management. You can easily replace user-selected passwords with other options, such as easy multi-factor authentication, biometrics, and SSO.

    • Identity governance: ForgeRock Identity Governance is a modern, AI-driven identity governance solution. By leveraging ForgeRock generated analysis reports, you can identify and apply appropriate user access, automate high-confidence access approvals, recommend certification for low-risk accounts, and review high-risk and inappropriate user access privileges. In addition, you can grant and enforce access to systems, applications, and infrastructure according to established policies.

    Reviews from Real Users

    ForgeRock stands out among its competitors for a number of reasons. Two major ones are its robust identity and access tools and its being easy to manage and scale with one central dashboard.

    PeerSpot users note the effectiveness of these features. A technology solutions leader at an outsourcing company writes, “We need it for multiple clients, multiple implementations. Not all of them are necessarily a multi-tenant solution. We need a very versatile solution that can do a lot of work, but from a single instance that we can centralize authentications and we don't duplicate the efforts and that's where ForgeRock seems to do better.”

    Mohamed B., a cyber security consultant at a tech company, writes, "Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users. ForgeRock secured our system so that it is accessed only by authorized people, and it implemented the SSO."

    One Identity Active Roles is a highly regarded solution for Active Directory (AD) security and account management. One Identity Active Roles will enhance group, account, and directory management while eradicating the need for manual processes. The end result is a significant increase in the overall speed, efficiency, and security of the organization.

    Using One Identity Active Roles, users can:

    • Easily increase and strengthen native attributes of Active Directory (AD) and Azure AD.

    • Quickly unify and automate group and account management while protecting and securing critical administrative access.

    • Free up valuable resources to concentrate on other IT tasks, fully confident that your user permissions, critical data, and privileged access are safe and secure.

    Managing accounts in AD and Azure AD can be tremendously challenging; continually keeping these important systems safe and secure presents an even greater challenge. Traditional tools can be inefficient, error-prone, and very disjointed. In today’s robust marketplace, organizations are finding it somewhat difficult to keep pace with the constant access changes in a hybrid AD ecosystem. Additionally, there are significant security issues to consider (government compliance, employee status/access changes, and other confidential business requirements). And, of course, there is a requirement to properly manage Active Directory and Azure Active Directory access in addition to managing all the other numerous SaaS and non-Windows applications that organizations use today.

    Users can easily automate all of these tedious, mundane administrative tasks, keeping their systems safe and error-free. Active Roles ensures users can perform their job responsibilities more effectively, more efficiently, and with minimal manual intervention. Active Roles was created with a flexible design, so organizations can easily scale to meet your organizational needs, today, tomorrow, and in the foreseeable future.

    Reviews from Real Users

    A PeerSpot user who is a Network Analyst at a government tells us, “It has eliminated admin tasks that were bogging down our IT department. Before we started using Active Roles, if one of our frontline staff members deleted a user or group, it could take several hours to try to reverse that mistake. Whereas now, the most our frontline staff can do is a deprovision, which just disables everything in the background, but it's still there. We can go in and have it back the way it was two minutes later. Instead of it taking two hours, it only takes two minutes.

    Becky P., Sr Business Analyst at George Washington University, shares, “In addition, with the use of workflows and the scheduled tasks, we were able to automate and centrally manage a number of the processes as well as utilize them to work around other product limitations. Those include, but are not limited to syncing larger groups, which have 50,000 plus members, to Azure AD. We sync up to Azure AD using ARS. If we had not already had ARS in place, it would have been impossible for us to have done so in the time period we did it in. We did it in under six months. ARS probably saves us at least two weeks out of every month. It's reduced our workload by 50 percent, easily.”

    Sample Customers
    Geico, Thomson Reuters, Salesforce, McKesson, Trinet, SKY, BNP Paribas, Deloitte, Capgemini, North Western University
    City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies
    Top Industries
    REVIEWERS
    Financial Services Firm27%
    Legal Firm9%
    Outsourcing Company9%
    Security Firm9%
    VISITORS READING REVIEWS
    Financial Services Firm22%
    Computer Software Company13%
    Government7%
    Insurance Company7%
    REVIEWERS
    Financial Services Firm18%
    Aerospace/Defense Firm18%
    Consumer Goods Company9%
    Manufacturing Company9%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm11%
    Government10%
    Healthcare Company8%
    Company Size
    REVIEWERS
    Small Business37%
    Midsize Enterprise15%
    Large Enterprise48%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise9%
    Large Enterprise73%
    REVIEWERS
    Small Business28%
    Midsize Enterprise6%
    Large Enterprise67%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise11%
    Large Enterprise67%
    Buyer's Guide
    ForgeRock vs. One Identity Active Roles
    March 2020
    Find out what your peers are saying about ForgeRock vs. One Identity Active Roles and other solutions. Updated: March 2020.
    765,386 professionals have used our research since 2012.

    ForgeRock is ranked 4th in Access Management with 27 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. ForgeRock is rated 8.0, while One Identity Active Roles is rated 8.6. The top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". ForgeRock is most compared with SailPoint IdentityIQ, PingID, Microsoft Entra ID, Auth0 and Symantec Siteminder, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, One Identity Manager, SailPoint IdentityIQ and Softerra Adaxes. See our ForgeRock vs. One Identity Active Roles report.

    We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.