Most Helpful Review
Flexibility and extensibility of the platform allowed us to achieve far more efficiencies than we ever expected
Find out what your peers are saying about Okta Workforce Identity vs. One Identity Active Roles and other solutions. Updated: March 2020.
456,966 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"The most valuable aspects of the solution are the integration with external websites one-factor authentication."
"This solution allows us to do the provisioning. Also the most important for us is the ability to enable and disable features to employees as they onboard and offboard."
"Enabled MFA to access federated applications as well as increased user satisfaction through improved provisioning times and more reliable processes."
"The ease of deployment, ease of use, and speed of delivery is what I like about Okta Workforce Identity. It is very easy to use. For a lot of software, you need to be trained extensively and have a very technical background. Okta Workforce Identity is quite simple. You can integrate any software into Okta. They've got a network of 7,000 applications that easily integrate into it."
"Having a single sign-on to all our applications."
"The MFA part is the best. MFA provided most of the security that we were looking at with respect to the second level of authentication. Okta Workforce Identity provides a number of options with respect to multifactor authentication, such as the app, phone call, and text. These options provide different ways of logging in for users, and they were a lot more than what we needed. This is certainly a very good feature of Okta Workforce Identity."
"The most valuable features are ease of operation and visibility."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"It gives us attribute-level control and the AD management features work very well."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"The solution lacks an on-premises deployment model so it can't offer a hybrid solution. It would be ideal if clients had options that weren't just cloud-based."
"I don't know if it is possible to make it simpler to use or simpler to understand, but that would be the most important thing to improve."
"SSO and MFA for improved end-user experience, and protection against password spray attacks, account password self-service."
"It would be pricing, which is a tough one because it goes against Microsoft. A lot of companies say they're a Microsoft partner, and they get all their software for free. Okta is like a luxury product, and it's not the most affordable one. I would say if they could work on pricing, it would help. Other than that, they've done great strides in developing a product that is really good. The companies that do see the value tend to invest in it."
"You can't hide the device when you're checking logs."
"They also have single sign-on (SSO). When we bought Okta Workforce Identity a year and a half ago, I was also looking at SSO, but not much documentation was available for SSO. The documentation for SSO should be a little more robust for somebody who is implementing it for the first time."
"The integration with third-party tools needs to be improved."
"It also has workflows and those are really powerful, but there are no built-in workflows. When it comes to them, it's empty. I would personally love for it to come with ten, 15, or 20 workflows where each achieves a certain task... I could just look at how each is done, clone them, copy them, modify them the way I want them, and be good to go. Right now we have to invent things from scratch."
"Most of the time it just works."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"The ability to send logs to a SIEM would be very beneficial."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"There are some features that we think should be included in their next release. We think these things would take them to the next level: the ability to completely force or limit any dynamic group processing to specific servers, change-tracking reporting of virtual attributes, and the ability to use files as inputs to automation workloads. These things have also been talked about. Knowing them, they're probably working on them."
Pricing and Cost Advice
"It could be a bit too pricey for small companies. Okta Workforce Identity can add a lot of benefits, but smaller companies may not have a lot of applications that need to be managed by Okta Workforce Identity. In larger organizations, there are more departments, applications, and users to manage. Okta Workforce Identity adds a bit more value to those bigger organizations. In addition to standard licensing fees, there are also additional costs for things"
"License is around US$20,000 annually."
"I believe it competes well. The pricing is pretty competitive. I know that Microsoft also provides something similar with its MFA and identity services."
Information Not Available
Questions from the Community
Top Answer: Enabled MFA to access federated applications as well as increased user satisfaction through improved provisioning times and more reliable processes.
Top Answer: * Passwordless authentication. * Integration with the user provisioning infrastructure to track all entitlement changes; simplify the modeling of the role and access definitions at every stage of the… more »
Top Answer: SSO and MFA: To extend Identity Authentication on the existing IAM identity and account operations to the multiple domains for administrative and help desk personnel. Improve consistency of the… more »
Ask a question
Earn 20 points
out of 26 in Identity and Access Management as a Service (IDaaS)
Average Words per Review
out of 24 in User Provisioning Software
Average Words per Review
Compared 18% of the time.
Compared 11% of the time.
Compared 8% of the time.
Compared 6% of the time.
Compared 5% of the time.
Compared 24% of the time.
Compared 23% of the time.
Compared 21% of the time.
Compared 5% of the time.
Compared 5% of the time.
Also Known As
|Quest Active Roles|
Okta is an enterprise grade identity management service, built from the ground up in the cloud and delivered with an unwavering focus on customer success. With Okta, IT can manage access across any application, person or device. Whether the people are employees, partners or customers or the applications are in the cloud, on-premises or on a mobile device, Okta helps IT become more secure, make people more productive, and maintain compliance. Okta is an on-demand identity and access management service for web based applications, both in the cloud and behind the firewall.
Active Roles is a single, unified and rich tool to automate the most troublesome user and group management tasks. With One Identity Active Roles, you can streamline user and group administration, solve security issues – and meet those never-ending compliance requirements by managing and securing on-prem, and cloud AD resources simply and efficiently with a single, intuitive solution.
Learn more about Okta Workforce Identity
Learn more about One Identity Active Roles
|Box, Groupon, National Geographic, Western Union, DocuSign||City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies|
Computer Software Company34%
Comms Service Provider12%
Comms Service Provider14%
Consumer Goods Company14%
Computer Software Company25%
Comms Service Provider16%
Financial Services Firm9%
Okta Workforce Identity is ranked 1st in Identity and Access Management as a Service (IDaaS) with 8 reviews while One Identity Active Roles is ranked 3rd in User Provisioning Software with 8 reviews. Okta Workforce Identity is rated 8.6, while One Identity Active Roles is rated 8.8. The top reviewer of Okta Workforce Identity writes "Good product with ease of deployment, ease of use, speed of delivery, and easy integration with other software". On the other hand, the top reviewer of One Identity Active Roles writes "ARS has been instrumental in ensuring accounts get cleaned up when they get deprovisioned". Okta Workforce Identity is most compared with Microsoft Azure Active Directory Premium, Google Cloud Identity, OneLogin Workforce Identity, Auth0 and SailPoint IdentityNow, whereas One Identity Active Roles is most compared with SailPoint IdentityIQ, One Identity Manager, Microsoft Azure Active Directory Premium, Softerra Adaxes and Saviynt. See our Okta Workforce Identity vs. One Identity Active Roles report.
See our list of .
We monitor all Identity and Access Management as a Service (IDaaS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.