One Identity Manager Reviews

One Identity Manager's primary use is managing employee identities, encompassing the entire lifecycle from onboarding and role changes to offboarding, including lifecycle management, certification, segregation of duties, and identity retirement.

One Identity Manager offers a comprehensive platform for enterprise-level administration and governance of user data and privileged accounts. The platform includes features like Safeguard for securing high-privileged accounts and a unified login for access management. Essentially, it provides a complete suite of identity management, privileged access management, and access management within a single platform.

The user interface provides a comprehensive graphical view of identities and entitlements across various systems, offering a clear and accessible overview of user accounts and permissions. This allows users to quickly and easily view their accounts and entitlements in each system, enhancing the overall user experience.

One Identity Manager is easily customizable to our needs due to its built-in Visual Basic editor, accessible through Visual One. This allows for customization by utilizing their comprehensive API documentation to build or modify functions as required. The integrated editor within the product enables us to readily access and write custom logic, streamlining the customization process.

It utilizes business roles, which are mapped to technical roles and then further mapped to entitlements. This structure streamlines access requests for end-users, as a single business role can encompass multiple technical roles, granting access to multiple systems upon approval. The system also allows for customized approval workflows with multiple levels of authorization. Additionally, a cart feature enables users to select and apply for various business or technical roles, combining them as needed before submitting their request.

One Identity Manager employs a governance framework that utilizes a certification process to verify identities based on client-defined intervals, typically every six to eight months, aligning with their audit requirements. This governance feature is seamlessly integrated into the platform, eliminating the need for separate installations. Furthermore, the system allows for the customization of attestation processes, including certification campaigns, email templates, and recipient lists, providing extensive flexibility. This functionality is crucial for ensuring data security and regulatory compliance within cloud applications, as granting access to unauthorized individuals can lead to severe financial and legal repercussions. By managing access privileges effectively, organizations can mitigate risks and maintain control over sensitive information.

One Identity Manager can help to minimize gaps in governance coverage among tests, dev, and product servers.

It establishes a privileged governance framework, mitigating the security risks associated with highly privileged user accounts. These accounts, if compromised or accessed without authorization, can cause extensive damage to servers and applications, potentially jeopardizing the entire company. By implementing One Identity Manager, organizations can effectively address these vulnerabilities and enhance overall security.

One Identity Manager streamlines application access decisions for compliance, especially in large companies with hundreds of applications. Without a centralized solution like One Identity Manager, managing access and ensuring compliance becomes nearly impossible. This tool provides a single point of reference for application access, offering a complete audit trail of who has access to what, when it was granted, and when it was revoked. This simplifies application management across the enterprise and ensures comprehensive auditing capabilities.

It empowers application owners to align with business managers in making application governance decisions independent of IT, thereby reducing operational costs by around 25 percent. The platform offers various connectors to onboard applications as endpoints, enabling automated provisioning, creation, deletion, and access control for user accounts. This automation minimizes manual intervention, streamlines operations, and ultimately contributes to cost reduction.

One Identity Manager helps achieve an identity-centric Zero Trust model. Without a proper approval process, granting access based on simple email requests compromises the Zero Trust model and introduces significant security risks. The Zero Trust model mitigates these risks by requiring multiple approval levels for any access, emphasizing its importance in maintaining a secure environment.

One Identity Manager is a comprehensive identity management system that encompasses employee identity lifecycle management, certification, and segregation of duties. It ensures high security through multiple approval processes, preventing unauthorized access and enhancing compliance by providing time-based access for privileged accounts with proper audit trails. Additionally, it streamlines application access decisions and extends governance to cloud applications.

The support model has room for improvement, especially when compared to competitors like Omada and SailPoint, which offer a more extensive global presence and support network.

I have been working with One Identity Manager for six months.

One Identity Manager is stable.

One Identity Manager is scalable.

I believe the support model could be better.

Neutral

I worked on platforms like Broadcom and IGA before using One Identity Manager. I did not switch on my own; it depends on what the client uses.

One Identity Manager offers superior reporting capabilities compared to dot com IGA. While dot com IGA requires significant time, financial investment, and server resources to configure reporting, One Identity Manager provides an intuitive and user-friendly interface that allows for easy report generation directly from the GUI. This streamlined approach simplifies the reporting process and enhances efficiency.

The return on investment in compliance is clear because inadequate identity management can result in substantial financial penalties for data breaches.

Investing in One Identity Manager is necessary for regulatory compliance. Although it might not directly bring in business, it prevents issues like tool compliance. The pricing is reasonable compared to other solutions.

I would rate One Identity Manager nine out of ten.

My customer uses their custom HR system. On the backend, data is sent from the NS SQL server to One Identity Manager.

If you want to save on infrastructure costs without extensive customization, opt for the SaaS model. If you require significant customization, consider the on-premise model of One Identity Manager.

We use One Identity Manager for user lifecycle management and access management.

Since I am placed in the business organization, I see smooth processes for joiner, mover, and leaver, and a compliance perspective. We are getting cost savings by automating system integrations. Previously, people handled access rights manually for each system. Now, after integrating about half of our systems, we are saving approximately three FTEs, and expect it to double. Line managers can see team members' access rights and do attestations in one view. We have integrated requesting of access rights also to external systems via the web portal to remind leaders about access rights management also for leavers and movers. Automation of these processes improves security and compliance by meeting auditor requirements.

There are functionalities we needed to build ourselves, such as cleaning the direct entitlement assignments if inderect exists. The user interface can sometimes be a bit confusing for end users, for example during attestations, as completed tasks simply disappear without indicating that there are no pending requests left any more and therefore end-user is unsure if they have completed all theirs tasks.

We have had it in production since autumn 2023, approximately one and a half years.

I rate stability around nine out of ten.

We have around 8,200 employees using the system to request access rights. Scalability is not an issue, so I rate it a nine out of ten.

I rate customer support at eight out of ten. The response time has room for improvement as it can take quite a long time in some cases.

Positive

Previously, we used an old Microsoft MIM solution. We transitioned to One Identity Manager for improved functionalities like handling mover situations and integrating external systems for better security compliance.

We implemented it through Tietoevry, a partner. Initially, we had an unsatisfactory experience with a different partner, which delayed our project by a year. After switching to Tietoevry, the project improved significantly.

Annually, we have saved three full-time employees as a result of deploying One Identity Manager. We anticipate doubling this saving once all current integrations are completed and even more when we add Segregation of Duties rules.

I would recommend One Identity Manager due to the improved security and compliance it offers. We have achieved considerable productivity gains through automated processes. I rate One Identity Manager a nine out of ten.

We are using One Identity Manager to change our previous old identity access management platform. Currently, the separation of duties is the most important aspect.

It delivers SAP-specialized workflows and business logic. It meets the needs of the most common use cases. It also supports customization for special cases.

Its biggest benefit as well as its biggest problem is that it is highly customizable. Usually, customers do too much customization, and then it is not great performance-wise.

We started to see how to optimize or support audit processes with One Identity Manager about a year ago. It has been helpful there. It saved quite a lot of time.

It did not help us to achieve an identity-centric Zero Trust model, but that is because we need more push from the business or management.

It helps automate processes. Our company uses One Identity as an enabler, which would be nice to change. It helps us save on license costs through effective license management.

It is highly customizable, a feature that influenced our company's decision. We can easily customize it.

I find it user-friendly. Once you have some experience, it demonstrates best practices and guides you on the correct way to use the tool. 

Default connectors work fine, but certain connectors, such as SCIM to SAP Cloud Identity Services connector, have quite a few bugs. They are not so great.

Their support can be better. They can also improve testing of their product before releasing new versions. We have had a few critical issues after upgrading to a newer version, which also caused problems with auditing.

Our company has been using One Identity Manager for around seven years, but I have personally used it for four years. I became its developer four years ago.

We are using it at one location. We have about 30,000 active identities. We have five people working with this solution.

There is room for improvement. For each ticket, they require logs or traces from the system, even when the issue shows no logs. This requires sending the information back and forth, which consumes a lot of time. After submission, they contact the product team, which often takes one or two months to respond.

Neutral

I have not worked with other solutions.

I was not involved when they started implementation, but it was complex. This complexity was not due to the difficulty of implementing One Identity Manager, but rather a lack of business support for our process decisions.

Deploying the One Identity Manager solution itself is easy. The documentation is clear.

You can do customizations. It can be customized, but it is hard to customize correctly without affecting the system.

IPG is our partner. They have helped customize the solution for our needs.

Their support was alright. It is important that the partner advises to follow the standards because customizations can cause issues. It is better to change the process instead of going for customization.

We received very good support from them post-implementation. It is of high level. I would rate our One Identity Partner a ten out of ten in terms of value.

I would recommend One Identity Manager for sure. It is quite easy to use as long as you find a good partner who can facilitate changes in the process rather than customize it for every single case. Many issues arise from the misuse of the system due to extensive customizations. If used correctly, there would be fewer issues, and it would be a fast, quick system.

It can be a bit complex to learn for new users when there is a lot of customization.

It has a lot of potential. We try to use it as much as possible, but we are not using it to its full potential. The problem is business support. 

Overall, I would rate One Identity Manager an eight out of ten.

We use One Identity Manager for access management and provisioning, as well as onboarding target system applications. It focuses on identity management and providing access. 

We use different tools like Web Designer and Synchronization Editor, and we do implementation, customization, and configuration based on our requirements.

I can see many benefits, including granting the right access to the right people at the right time. It helps with enhancing security, validating identity types, and assigning initial rights based on the defined processes. Users follow request workflows inside the system to access, which is validated for correctness.

We use One Identity Manager to manage SAP target system applications. We generally use the SAP connector. We create the SAP onboarding project in Synchronization Editor. It is like a bridge between One Identity Manager and the target SAP system applications. It is able to meet our requirements.

It has had a Windows-based UI, and they are also moving to a web-based portal. One Identity Manager helps manage identities and accounts, and we can also see the pictorial representation of the identities there.

We do a lot of customization. It supports customization based on our needs. However, when it comes to Web Designer, customization can be a bit challenging.

We have onboarded 30 to 40 applications, including SuccessFactors, ServiceNow,. We are about to complete SuccessFactors' integration with One Identity. Previously, we used to get the identities in the form of a CSV file where the data was inserted inside One Identity to create the identities of new joiners and do the onboarding. It is now connected to the SuccessFactors application. It is also integrated with ServiceNow. If any incidents get raised, they can be routed to the respective operations or engineering teams for resolution.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers.

One Identity Manager helps streamline application access decisions, application compliance, and application auditing. We have dedicated teams focused on compliance and auditing.

One Identity Manager has helped us achieve an identity-centric Zero Trust model.

In One Identity Manager, I appreciate the Synchronization Editor for onboarding different target system applications. We have various connectors that allow customization. For instance, the Windows PowerShell connectors can connect to different services such as RESTful services, SOAP services, and Windows services. I like how data flows from the target system applications to One Identity. We explore technical aspects, write functions in PowerShell, and connect with APIs. 

Another interesting feature is attestation, where we review and re-attest existing employees' rights. We create attestation policies, workflows, and schedules.

A major area for improvement is Web Designer. If One Identity Manager advances this, it will greatly benefit all customers. Web Designer is based on legacy Microsoft technologies like ASP.NET and HTML. I believe future improvements will resolve performance issues.

I have been using One Identity Manager for the last six years.

It is stable but need more improvements.

It is scalable. I would rate it an eight out of ten for scalability.

We use their regular support. Could be rate 7 or 8 out of ten.

Positive

We do not handle the initial setup, but from what I have heard, it is not complex.

In terms of maintenance, mostly it requires monitoring and health checks to ensure everything in the infrastructure is working properly.

I would definitely recommend One Identity Manager. It offers many opportunities for technical learning, implementation, and customization. One Identity Manager is a good solution for identity and access management, provisioning, and other IAM aspects. 

I would rate it an eight out of ten.

My primary use case for One Identity Manager is identity lifecycle automations and access governance. I use One Identity Manager to automate user onboarding roles based on access alignment and deep provisioning across active directories and multiple business applications. As a Python developer and analyst, I am involved in mainly customer workflows, scripts, and integrations, ensuring identity data flows correctly between systems and applications.

I appreciate the features of automated provisioning and deprovisioning, role-based access controls, workflows, and approval engines, audit, and compliance reporting. These features represent the main use cases I am currently utilizing.

I appreciate the features of automated provisioning and deprovisioning, role-based access controls, workflows, and approval engines, audit, and compliance reporting.

I value the flexibility to customize business logic in One Identity Manager, which allows us to handle non-standard access scenarios and meet strict compliance needs. This flexibility in customizing business logic has helped improve our access management and faster turnover times. Tasks that previously took hours or days, such as provisioning new users or removing access, are now automated. This has helped reduce operational overhead, improve security posture, and minimize access-related errors.

One Identity Manager has positively impacted my organization by ensuring that performance remains consistent even during peak operations such as mass onboarding or role updates, which is important for an enterprise environment. This stands out when we use it to reduce access and minimize access errors. Faster turnover times increase our productivity and enhance our workflows.

Since implementing One Identity Manager, we have seen significant improvement in automations, controls, and overall operations efficiency, especially around identity and access management processes. We have reduced our manual work, sped up turnarounds, and improved user provisioning. There are also fewer tickets based on access requests and reduced dependency on administration for routine tasks. From a developer perspective, this also means fewer ad hoc scripts and fixes because the workflows are standardized. One Identity Manager has improved our access accuracy and helped in our audit readiness.

One Identity Manager provides centralized visibility into who has access and why. Access changes are tracked with approval and timestamps, which makes audit management much smoother and faster.

The user interface of One Identity Manager could be better, especially for non-technical or business users. Some advanced configurations and debugging are not very transparent and often require vendor support or deep product knowledge. Additionally, documentation around custom integrations and scripting could be more detailed, which would help developers work more efficiently.

I rated One Identity Manager eight out of ten because of the UI and documentation concerns. The user interface could be more intuitive, especially for non-technical business users. It can be improved with better vendor or product knowledge, and the documentation around custom integrations and scripting could be more detailed. The UI can be improved, and the documentation should be faster and more efficient.

My recommendation for others looking into using One Identity Manager is to have a clear access and role design. It is important to clean up the identity data early and run a pilot phase because this implementation could be challenging for teams who are new to it. For developers, investing time in understanding One Identity Manager data models and workflow logics upfront makes customization much smoother later.

One Identity Manager is priced as an enterprise IAM solution, so it is not inexpensive. However, when considering the depth of the governance, automations, and compliance features, the cost is justified for organizations with complex requirements. I gave this review a rating of eight out of ten.

One Identity Manager has been integrated and in use for two years. The primary focus is on integrating One Identity Manager for other customers, particularly mid-sized financial institutions. The implementation targets unifying user access across internal applications, cloud platforms, and third-party partner systems.

While specific details cannot be shared due to NDA agreements, one organization had multiple identity systems: one for internal employees, one for external employees such as contractors, and another for partners. This fragmentation caused inconsistent access, security vulnerabilities, and slow onboarding and offboarding processes. One Identity Manager was implemented to consolidate these systems, resulting in significantly faster operations.

One Identity Manager's best features include fast setup with the ability to be configured locally for direct database access. The solution provides specific procedures for onboarding and offboarding, and supports the use of custom connectors.

One Identity Manager has positively impacted the organization by reducing account creation and access approval times from days or weeks to minutes or hours through automated workflows. Self-service access requests are routed through a central portal with defined approval paths, which minimized manual work and accelerated onboarding. Governance functions such as attestations and access reviews are now enforced consistently, which was not the case previously.

One Identity Manager can be improved in the areas of documentation and training, both of which are severely lacking.

Three years have been spent working in the current field.

One Identity Manager is genuinely stable, particularly the LTS versions.

One Identity Manager's scalability performs comparably to other One Identity products and scales effectively from very small organizations to large financial companies, including major banks and other large entities.

One Identity Manager's customer support is good. Response times average four to five days, sometimes extending to six days, but the support team has been genuinely helpful in addressing cases in a timely manner.

A different solution was not previously used, as the customer specifically requested One Identity Manager.

Specific details regarding pricing, setup cost, and licensing cannot be shared. However, One Identity is quite affordable, particularly with partner status.

Other options were not evaluated before choosing One Identity Manager.

One Identity Manager is the industry standard for valid reasons, which demonstrates its quality. It is backed by a large and reputable company and is genuinely easy to learn and implement. The documentation is adequate. One Identity Manager's onboarding and offboarding processes are considerably faster than previous methods, resulting in significant time savings that translate to cost savings. The overall impression of One Identity Manager is positive, and a rating of 8 out of 10 reflects the value and effectiveness of this solution.

My use case for One Identity Manager is identity governance and administration. I am an implementation partner for One Identity Manager.

One Identity Manager has improved our organization significantly; for instance, the automation of the provisioning workflow is very useful. Moreover, the de-provisioning usually represents a challenge in the provisioning process as it consumes time and working hours, wasting time for new employees or employees who require more privileges. It helped reduce pain in the business. In de-provisioning, this has helped significantly with risk management and removing potential threats for people who have more privileges than they should, and the attestation is crucial; attestations and attestation workflows are very crucial in this area.

One Identity Manager provides a single platform for the administration and governance of users, data, and accounts. It's quite comprehensive, which is a positive aspect. 

One Identity Manager extends governance to cloud apps using StarLink integration, which benefits clients significantly despite some resistance due to additional licensing requirements.

The solution helps consolidate procurement and licensing with a straightforward process. It aids in achieving an identity-centric zero trust model, helping clients comply with regulations and minimize risks.

The best features in One Identity Manager, which I appreciate the most, are the ability to extend it and the capability for customization and integrating new target systems. 

The ease of use of One Identity Manager could improve as the web portal is not the most user-friendly, and there are many places where the settings exist which can make it fuzzy and difficult to figure out the location of specific settings you want to configure. 

The solution's intuitiveness requires almost a complete redesigning in terms of user experience. It needs a lot of work and updates to improve the user experience. 

The solution helps minimize the gap in governance coverage for test, dev, and production servers, though migration between environments could be more straightforward.

There should also be more focus on the governance part, business, and marketing.

I have been using One Identity Manager for approximately four years.

One Identity Manager occasionally has bugs, but overall, it is pretty stable.

Regarding scalability, One Identity Manager rates a nine out of ten as it is suitable for enterprise clients. 

We rarely use their support. The support that the vendor provides has improved recently, but the documentation lacks significant information.

Neutral

Its deployment is of moderate complexity. Deployment time for enterprise clients takes days.

The solution requires daily maintenance, with many clients requiring resident engineers for managed services.

One Identity Manager definitely saves time, money, and resources. Although the exact percentage is unclear; it is very helpful, similar to any identity and access management solution.

The pricing for One Identity Manager is competitive in our region, so there is no issue with the license pricing. However, aside from the license for the StarLink apps, the cost is justified.

When comparing One Identity Manager with other solutions, there is a challenge in the MENA region due to its weak presence, particularly in Egypt. SailPoint seems superior in terms of governance, but One Identity Manager is better in terms of administration. For provisioning, de-provisioning, and integration with different target systems, One Identity Manager is superior, while SailPoint excels in governance, attestations, and reporting.

One of the most important functionalities is the business roles to map company structure and dynamic application provisioning, serving as a backbone for role administration and provisioning in general.

I believe it's easy to customize. I don’t have much experience with other solutions, so I can't compare it directly. However, it's not hard, but it's also not entirely easy. There are many ways it could be improved. That said, it's still quite decent overall.

I would recommend One Identity Manager for large-scale or medium enterprises in our region, but not for small companies due to cost considerations for licensing and services.

I would rate One Identity Manager an eight out of ten.

I am certified as both Technical Specialist and Implementation Professional on the product.

I assist various clients in diverse sectors, mostly finance, industry companies and municipalities. I have quite a broad background in implementing it in different scenarios.

When it comes to ease of customization, the product is outstanding. I can extend the schema with new tables, columns, etc. Usually, we use OOTB tables to keep it simple, same goes for processes. There are a lot of blocks or components that can be used and I do not need to code everything on my own to make JML possible. I have not seen something that we could not do. 

In terms of business roles, there are numerous possibilities with assignments and  inheritance like top-down or bottom-up. It works very well because you can also break the inheritance if you want at a certain level. Soft transition is a great feature where you can move to a new role (primary) but also keep the other one (secondary).

I have mostly implemented the product on-prem. Integrations has been both on-prem systems and cloud like Azure AD or Entra. To make use of Saas applications it is possible using the Starling Connect connector.

One Identity Manager helps streamline application access decisions. If you set it up, you can do some kind of campaigns or attestations to check the correctness of permissions. You can then take appropriate action. For instance, if you see that there are ten people who have never used this application, you can deny it. There is also something called Recommendations that will make use of risk and previous decisions (like peer-group) to determine if to approve or not.

The application governance module enables application owners or line-of-business managers to make application governance decisions without IT. Application governance is possible within the web portal. You can set up ownerships. You can assign permissions depending on how you set up your permissions in the product. With appropriate permissions, you can assign an owner for a specific application and you can also set the owner or responsible person on each access so that they can decide. This means if you have set up a pilot project and are starting with one unit, they can grow from there and help each other. This is quite a new feature from the 9.2 version.

I have been in several projects with primary focus on implementing SAP. Usually a simple SAP implementation is to integrate one dev-instance, one ref/test-instance and one production instance. However, for one customer, a public-listed company in Sweden, we had to develop some kind of SAP fabric to onboard a lot of SAP clients and transaction objects. During the project they also migrated from SAP R/3 to S4HANA. It was a journey to make this happen, but the SAP-connector worked quite well and the technical team was very happy about it. We synchronized SAP roles and profiles and assigned those to business roles to use automation. We also set up some kind of identity audit for the SAP roles. At that time (v8.x), we could not have inheritance of SAP profiles through System Roles. That was a drawback, but in a later version, that was resolved.

It has a full feature set with certain tools for certain things.

I use the Designer a lot because I do a lot of customization (processes, scripts etc) and I would say it is pretty comprehensive. I am a Microsoft Identity Manager (MIM) veteran, which is an old product that still has end-of-life support. One Identity Manager is the next generation of IGA platforms because almost everything can be customized and extended and still keep a solid metacatalogue. I can test and evaluate the data, even at a property level, and be sure that it is going to work before pushing my changes into production.

The next one would be the Manager because that is where we review the data and orchestrate things like approval workflows and attestations. We can use different models for entitlements such as system roles and business roles. Then we can assign these to an IT shop for the end user.

Then, of course, none of these tools would be useful if we do not have any data coming from a target system such as HR. Here we use the powerful Synchronization Editor that comes with a lot of OOTB-connectors, also called sync projects. Within a sync project, mapping and workflow is set up to synchronize the data and provision changes to, for instance, an Active Directory target system. It is also possible to develop custom connectors.

We are also using the Job Queue which is a tool that displays ongoing processes (Jobs) and possible errors. We can look at history jobs and also get a health check of our Job Servers and Web Servers.

I also use the Object Browser which is an abstraction of the SQL tables. This tool is more technical than Manager but powerful in its own way with possibilities to trigger events, filter data and even more.

Finally, the Database Transporter that is used to transfer objects or custom changes between One Identity Manager databases. These changes are mostly something called "change labels" that could be work I have done in the Designer, objects created in the Manager or other information I want push to a specific environment using a transport package.

One Identity Manager needs better documentation and more examples, especially for beginners, as it has a steep learning curve. They have rich forum but it often contain outdated information that could be improved for better guidance. If something is not working, we need to easily find out if it is a product defect.

I have been using One Identity Manager for more than five years. 

The support is good but could be better. It could take a day or some hours depending on the case or the customer.

Neutral

The initial deployment is easy, a huge benefit compared to different solutions. It takes about one day to set up a development environment. Great UI-wizards with multiple verification steps.

With the acquisition of OneLogin, they are now the leader when it comes to a unified identity platform. Every product in their portfolio serves a purpose.