We performed a comparison between Okta Workforce Identity and One Identity Active Roles based on real PeerSpot user reviews.
Find out in this report how the two Identity and Access Management as a Service (IDaaS) (IAMaaS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has a wide range of MFA options. I prefer "Okta Verify" out of them all."
"Okta has introduced the Universal Directory. It has custom attribute capability and user permissions to read/write on their profiles or hide them. Profile sources and identity profile sourcing are two different components that I haven't seen in other products."
"The initial setup is easy."
"Okta controls all the users. It has context-based access from the user and type of device. It identifies the risk and can do a step of authentication when that user is trying to access some sensitive application from an unknown device."
"The most valuable features of Okta Workforce Identity are MFA, and SSO, which have high security."
"The MFA part is the best. MFA provided most of the security that we were looking at with respect to the second level of authentication. Okta Workforce Identity provides a number of options with respect to multifactor authentication, such as the app, phone call, and text. These options provide different ways of logging in for users, and they were a lot more than what we needed. This is certainly a very good feature of Okta Workforce Identity."
"The feature that is most valuable to me is the automated user provisioning that we set up using Okta as a major part of that process."
"The ease of deployment, ease of use, and speed of delivery is what I like about Okta Workforce Identity. It is very easy to use. For a lot of software, you need to be trained extensively and have a very technical background. Okta Workforce Identity is quite simple. You can integrate any software into Okta. They've got a network of 7,000 applications that easily integrate into it."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"Because of Active Roles, we're able to synchronize on an even more regular basis. It enables us to provide even more information to the Active Directory, which helped us to group our users in a more consistent manner."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"Active Roles improved the management of users, groups, and AD objects in the organization."
"It gives us attribute-level control and the AD management features work very well."
"The biggest thing for us is Active Roles saves a lot of man-hours in keeping groups up-to-date manually or trying to write some sort of script that you have to run, so we don't have to reinvent the wheel. Instead of when every time somebody joins a department, then somebody has to remember to put in a request to add "meet user Joe" to this group, the solution does it automatically for us. Therefore, it saves our business and IT staff time because they do not have to process requests since Active Role can do it for them."
"With the use of the sync service we were able to import information from multiple external systems and populate them within our space and leverage them for downstream systems."
"The lifecycle management part can be improved. It should also have identity governance and the ability to choose a specific factor authentication at the application level. Its licensing and pricing can also be improved."
"It is challenging to obtain a comprehensive backup."
"Its pricing needs improvement."
"The solution’s policies are difficult to understand due to the policy methods. They use authentication. The solution’s workflow is also difficult and not very active. They need to have proper documentation on it. In the next release, I would like to see the workflows being more digestible."
"The training is too costly."
"There are some issues with the interface that can be improved."
"Therefore, if you have 10 million users, that's almost 100 million, so it is costly."
"SSO and MFA for improved end-user experience, and protection against password spray attacks, account password self-service."
"The way you can search groups could be better."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"For the AAD management feature, it needs to improve the objects that we can manage and the security."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"The initial setup was quite easy, but it was time-consuming. It took about three months."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"The ability to send logs to a SIEM would be very beneficial."
Okta Workforce Identity is ranked 2nd in Identity and Access Management as a Service (IDaaS) (IAMaaS) with 59 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. Okta Workforce Identity is rated 8.4, while One Identity Active Roles is rated 8.6. The top reviewer of Okta Workforce Identity writes "Extremely easy to work with, simple to set up, and reasonably priced ". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". Okta Workforce Identity is most compared with Microsoft Entra ID, Google Cloud Identity, SailPoint IdentityIQ, Saviynt and Auth0, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, SailPoint IdentityIQ, One Identity Manager and Quest Active Administrator. See our Okta Workforce Identity vs. One Identity Active Roles report.
We monitor all Identity and Access Management as a Service (IDaaS) (IAMaaS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.