Try our new research platform with insights from 80,000+ expert users
reviewer2134212 - PeerSpot reviewer
Manager IAM at a computer software company with 11-50 employees
Real User
Top 10
Delivers SAP-specialized workflows and business logic and has solutions for all needs related to the IDE and privileged identity
Pros and Cons
  • "The most valuable feature of One Identity Manager is it simplifies user-account provisioning and administration. One Identity offers a comprehensive range of solutions that cater to almost every aspect of the identity and access management domain."
  • "One Identity Manager is currently in the process of modernizing its UI, which I hope will result in a more user-friendly interface for its Identity Manager. However, it is uncertain whether they have plans to consolidate their various tools into a unified system to simplify configuration and tasks."

What is our primary use case?

The purpose of One Identity Manager is to implement identity and access management tools. For on-premises use, we must connect various target systems and trusted sources with the central identity and access management tools. This involves integrating Workday or other HR management systems with One Identity Manager and linking authentication sources, such as Active Directory or Azure AD, with One Identity Manager. Additionally, One Identity Manager has a specialized connector library for SAP solutions.

This solution can be deployed on the cloud and on-premise.

How has it helped my organization?

One Identity Manager connects SAP accounts to employee identities under governance from the connections that are provided. 

For customers who already have an SAP system in place, the availability of readily available, specially-designed connectors is crucial. This would be highly beneficial for all clients with SAP systems.

The solution delivers SAP-specialized workflows and business logic. 

This vendor provides end-to-end solutions that cover a wide range of areas related to user administration and governance, such as identity governance and administration, identity management, access management, and cloud-based solutions. They are also one of the few vendors to offer complete privileged account management solutions. Recently, they acquired OneLogin, which adds customer identity and access management to their comprehensive offering.

One Identity has solutions for all needs related to the IDE and privileged identity.

One Identity Manager provides a Web UI interface for users, which is currently being modernized through their latest initiative UI. Looking at their roadmap, we can expect to see more advanced UI from One Identity Manager in the future, reflecting ongoing product improvement.

Customizing One Identity Manager to fit specific needs is moderately difficult. With the help of experts, customization is possible, although it may not be a straightforward process. While it is not extremely difficult, it does require some level of expertise to carry out successful customization. One Identity Manager offers various tools for different customization requirements. Having the appropriately skilled resources available can greatly facilitate the customization process.

We make use of the solution's business rules to map our company structure for dynamic application provisioning. The importance of the business rules functionality lies in its ability to assist business analysts in designing organizational approval and provisioning policies. When gathering requirements, business analysts can utilize business rules to create effective policies that meet their needs and achieve their goals.

Connectors are available for both on-premise solutions and cloud-based applications or systems. One Identity Manager offers Starlink connectors specifically for connecting to cloud-based solutions. Although I have not personally worked with this offering, I am aware that it is available.

One Identity Manager helps to minimize gaps in governance coverage across test, dev, and production servers. They offer a feature that allows for the import and export of work, which is useful for moving content between different environments.

Reducing gaps in operations is crucial, not just for identity management but for any product. One way to achieve this is by synchronizing test, dev, and production environments as closely as possible. While it may not be feasible to replicate production exactly, having a miniature model that closely resembles it can greatly reduce gaps and potential problems. This concept applies to all identity and access management products when implementing them. The closer your test or dev environment is to production, the better you can reduce gaps and find potential problems that could arise in production. By identifying these issues in the test or dev environment, you can address them before they occur in the production environment.

The solution has helped create a privileged governance stance to close the security gap between privileged users and standard users.

The critical capabilities of any identity management product are operational activities such as providing access, provisioning, and deep provisioning. These tools are essential to efficiently manage identity and access. However, I am a bit confused about how licensing works with these capabilities.

The solution aids in simplifying application governance aspects such as making decisions regarding application access, ensuring application compliance, and conducting application audits.

The application governance requirements are being taken into consideration while designing and implementing streamlined solutions, which prove to be helpful.

One Identity Manager provides a dedicated module that enables us to set up a test station as per specific requirements. These test stations can be reviewed by the respective managers and their subordinate application orders based on roles. There is also a notification system in place to keep users informed.

In One Identity Manager, there is a module for review and attestation cycles. Whenever this cycle is triggered, notifications are sent to the respective parties who need to take action on their subordinates or evaluate role members. All of these features are available in One Identity Manager and can help fulfill business requirements. Moreover, One Identity Manager can indirectly assist in managing compliance auditing by tracking all actions, such as who performed them and when. This can be beneficial during external or internal audits as it helps in generating reports.

The solution positively impacted our operations and business by allowing us to streamline account provisioning for new hires and employees transferring between departments. When a new member joins my department, their line manager can request the creation of their account in advance. The request is then approved by concerned approvers and notifications are sent out. This reduces the onboarding time for new employees and ensures a smooth transition when an employee moves to a new department. Access can be removed or granted as per the requirements of the new department and line managers can request these changes through the portal, further simplifying the process.

The zero trust model can be implemented based on our understanding of the requirements. We need to design the business policies, rules, role membership, dynamic role membership, group memberships, etc., based on our understanding of zero trust. We need to set up the rules and policies according to the zero trust model and then implement them to achieve our business objectives. This includes designing policies based on departments, roles, job titles, and locations. By doing this, we can effectively implement the zero-trust policy.

What is most valuable?

The most valuable feature of One Identity Manager is it simplifies user-account provisioning and administration. One Identity offers a comprehensive range of solutions that cater to almost every aspect of the identity and access management domain. Their solution suite includes a login solution for access management that can be seamlessly integrated with your IGS solution. Additionally, they offer a dedicated tool for IGA that fulfills all your identity and assessment requirements. In addition, they have a solution called One Identity Safeguard for identity management and access management, which is gaining increased importance. With One Identity, you can obtain end-to-end solutions from a single vendor, whereas with other vendors, you would need to combine various vendors to achieve the same result. 

What needs improvement?

The tools within One Identity Manager are distributed, meaning there is no unified platform that covers all development, configuration, and installation details. Instead, there are separate tools for each requirement, such as object browser designer, manager tool, synchronization editor, report designer, job queue, and DBQueue. While these tools have built-in functionality, it can be tedious to learn and implement them all. This is in contrast to SharePoint, where all requirements related to role management, workflows, provisioning, and connector configuration can be implemented in one portal. In the case of One Identity Manager, different tools need to be used for each respective requirement. For example, the sync editor is used for connector configuration and related synchronization, while the job queue and DBQueue are used for monitoring jobs.

One Identity Manager is currently in the process of modernizing its UI, which I hope will result in a more user-friendly interface for its Identity Manager. However, it is uncertain whether they have plans to consolidate their various tools into a unified system to simplify configuration and tasks.

It is important to note that this modernization effort is a long-term goal, given that this solution has been in the industry for over 20 to 30 years. Despite its age, it remains one of the leading solutions in the market and is recognized by Gartner and other similar institutions as a top solution.

Buyer's Guide
One Identity Manager
March 2025
Learn what your peers think about One Identity Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.

For how long have I used the solution?

I have been using One Identity Manager for approximately one year.

What do I think about the stability of the solution?

The solution is stable in my usage. Since the setup is distributed, there are several components in the environment. Regular monitoring allows us to take appropriate actions when necessary. The solution is stable and scalable according to the available data and comparisons with other vendors' products, as evidenced by reports from Gartner and other evaluators such as Scooping Your Coal. Based on a comparative analysis of multiple products, including those of leading competitors, I have come to this conclusion. These analysis reports are typically released annually.

I rate the stability of One Identity Manager a seven out of ten.

What do I think about the scalability of the solution?

One Identity Manager loads various identity and access management tools, it necessitates multiple instances for applications, web servers, and job server services. Therefore, the installation requires a substantially distributed setup but overall it is scalable.

I rate the scalability of One Identity Manager a seven out of ten.

How are customer service and support?

I have not used the support from the vendor. One Identity has various support sites, such as the support center and community sites, which can help address any questions or issues related to One Identity products. However, my experience with these sites is limited, and I cannot provide more detailed information.

How was the initial setup?

Installing One Identity Manager can be considered moderately difficult, but not overly so since it is based entirely on the Microsoft Windows platform. In comparison to other software installations, it is moderate in difficulty and should not be too challenging to complete.

The deployment timeframe for One Identity Manager varies depending on the size and scope of the project or proof-of-concept. It is difficult to provide a specific estimate without knowing more about the project requirements. Generally, it can take anywhere from three to six months to complete the deployment based on the project scope.

If you want to showcase the functionality of One Identity Manager, the solution provides a cloud environment to its partners with a pre-installed setup. You can use this environment to demonstrate to the customer for a limited time of about one week. This is a quick and easy way to showcase a few use cases that align with your project scope. However, the actual implementation timeframe will depend on the specific project requirements.

I rate the initial setup of One Identity Manager a seven out of ten.

What about the implementation team?

Typically, the installation and configuration of One Identity Manager are handled by a specialized team, while the development and configuration of individual tools to meet business requirements are done by other parties. For installation and configuration alone, it may require at least two individuals with the necessary expertise to ensure a successful setup.

What other advice do I have?

The requirement for maintenance and support varies depending on the situation. If it's a 24/7 operation, then three resources would be needed to cover all three shifts. However, the need for resources depends on the different aspects of maintenance, such as infrastructure installation, configuration, daily health checks, and level three support, which involves the development and making of changes. Typically, organizations have dedicated teams for these three areas, team members should be assigned accordingly based on this information. The tool is comprehensive and able to meet identity and access management needs. However, it can be complex as it contains multiple tools to address requirements in specific areas.

I rate One Identity Manager an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
reviewer2395977 - PeerSpot reviewer
IT Systems Manager at a insurance company with 1,001-5,000 employees
User
Top 20
Easy access and updates plus offers helpful automation capabilities
Pros and Cons
  • "The One Identity birthright process has helped generate user accounts more accurately and quickly."
  • "A tool called Analyzer is included to assist with birthright generation. The tool isn't very user-friendly."

What is our primary use case?

One Identity is used to create, sync, and delete accounts automatically across multiple systems. The product allows employees to be managed from our Human Resources system, while consultants and temporary personnel can be managed manually. The system provides automated workflows and birthright assignments for easier management of similar accounts or those in the same department or role. 

With the system synchronized with our HR database, new account creations are automated and include an email to managers providing users with their credentials for initial login. Only the hiring manager will receive a copy of the initial username and password, helping further secure this information and have it readily available before the employee begins. 

How has it helped my organization?

The automation of employee creation and de-provision has streamlined the process in many areas. For employees, all actions begin in the HR department and flow downstream, keeping all systems synchronized with the same data.

Since the system is tied to our HR database, automation has allowed us to immediately terminate accounts based on employee status instead of waiting for notification from a manager.

Consultant accounts are also set on an automated schedule to send an email if an account isn't used within eight days. The account is also automatically disabled if not used in ten days. This provides additional security by not having accounts enabled but not in use.

What is most valuable?

Several employee data fields are synchronized to Active Directory, providing easy access to other applications (office, address, description, telephone, employee status, etc.). The update process is scheduled and automated to run multiple times a day, so Active Directory is always up to date with different employee data.

The One Identity birthright process has helped generate user accounts more accurately and quickly. Our Service Desk ticketing system is now used to complete user accounts and provide only what isn't common across their department or team. 

What needs improvement?

The One Identity system is very modular. The product is similar to an erector set, where you can do the same thing in many ways. While this is great, it also can allow you to set yourself up for failure later. The product does require some level of developer skills, so having the ability to make system changes without being a developer would be a plus. 

A tool called Analyzer is included to assist with birthright generation. The tool isn't very user-friendly. It would be helpful to have a tool to more easily find common groups across departments or teams so more groups could be managed in an automated fashion.

For how long have I used the solution?

I've been using the solution for seven years.

What do I think about the stability of the solution?

The One Identity platform has been a stable system that provides consistent results. 

What do I think about the scalability of the solution?

This product is extremely scalable. The more development knowledge you have, the more you can do with this tool.

How are customer service and support?

Support has always been responsive and helpful.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did use Hitachi IDM. The tool was a first-generation IDM tool and was very difficult to manage.

How was the initial setup?

The initial installation was fairly complex as it is capable of integrating with so many different systems. There isn't an easy wizard to walk through and get you going.

What about the implementation team?

Professional services were used for the initial implementation of the product. We found a different partner for ongoing work and support. Their knowledge of the product is excellent. 

What was our ROI?

One Identity, in partnership with our consultant partner, has allowed our company to streamline many processes and save employee time for other important tasks. 

What's my experience with pricing, setup cost, and licensing?

I would advise finding and using a development partner for implementation unless you have a dedicated identity management team. Ensure your environment is licensed properly, as One Identity has an active Compliance department. 

Which other solutions did I evaluate?

No other products were found worthy of trial when surveying the market at the time.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
One Identity Manager
March 2025
Learn what your peers think about One Identity Manager. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
844,944 professionals have used our research since 2012.
Works at a consultancy with 10,001+ employees
Reseller
Top 20
It is a highly adaptable platform that bridges governance gaps and streamlines application access decisions
Pros and Cons
  • "One Identity Manager offers a wide range of connectors, allowing it to interface with multiple target systems and perform provisioning and de-provisioning tasks within them."
  • "The reporting and auditing functionalities within One Identity Manager could be enhanced, particularly in the reporting area, which would benefit from a wider range of pre-built reports."

What is our primary use case?

I use One Identity Manager to implement an identity governance and administration solution for end users.

How has it helped my organization?

One Identity Manager is a highly adaptable platform capable of integrating both connected and disconnected target systems through connectors and APIs. Its extensive customization options allow it to accommodate a wide range of customer use cases. Additionally, the tool can be scaled to support a large user base and effectively handles role provisioning, joiners, movers, and leavers automation. With its rich feature set and out-of-the-box functionality, One Identity Manager is a powerful solution.

Previously, our user interface relied on a legacy web portal built with VB.NET technology, which suffered from slow loading times. However, One Identity has significantly enhanced the user experience by upgrading to Angular technology for the web portal. This transition has resulted in a much more interactive interface and greatly improved response times. The codebase is entirely based on Angular, which we can leverage to create custom components and enhance the web portal with a more interactive user experience.

We leverage business roles to assign default access permissions. New employees automatically receive specific role-based access upon joining the company. This process is facilitated through the implementation of business roles. We can easily accommodate diverse user types using these roles. For example, a new sales employee can be assigned a corresponding business role. We can create hundreds of business roles to match different departments. Additionally, we can schedule when these business roles are executed, allowing for system operation flexibility. However, it's important to note that frequent scheduling can significantly impact overall system performance and efficiency.

We have integrated EntraID with One Identity Manager for application onboarding. Since authentication can be provided through EntraID, extending governance to cloud applications is necessary. Therefore, all cloud-based applications that are not connected to on-premises systems require integration with EntraID. Failure to integrate will result in authentication errors and prevent user logins. Consequently, EntraID is mandatory for all cloud-deployed applications.

When we deploy the portal, most projects involve migrating from other IGA solutions to our new platform. Initially, users may take time to familiarize themselves with the portal's web interface, but its navigation is intuitive. We provide extensive documentation on accessing the portal, its features, and how to submit requests, along with customer support. While there may be a brief learning curve, the user-friendly design should minimize difficulties.

One Identity Manager helps bridge governance gaps between test, development, and production servers. Development is migrated to a test environment for testing before approval and subsequent migration to production. One Identity Manager is installed on all three environments, each with its own database to facilitate this. Changes are developed in the development environment, packaged, and moved to the test environment for testing. Approved changes are then migrated to production. Maintaining identical One Identity Manager versions across all three environments is crucial to ensure successful package migration, as packages from one version are incompatible with others.

One Identity Manager allows us to establish a privileged governance framework to bridge the security gap between privileged and standard users. Our system defines roles with specific permissions, enabling us to display additional information to users with privileged roles while restricting access to this information for standard users. Our defined roles and permissions make this granular control possible.

We have an approval workflow and policy to streamline application access decisions. Obtaining a specific role must undergo an approval process, and only designated individuals can grant permission. This workflow ensures that role assignments are controlled and efficient, preventing unauthorized access.

What is most valuable?

One Identity Manager offers a wide range of connectors, allowing it to interface with multiple target systems and perform provisioning and de-provisioning tasks within them. This extensive connector library, available out-of-the-box, is one of its most valuable features.

What needs improvement?

One Identity Manager is a comprehensive but complex solution. Even for developers, gaining a deep understanding and implementing customizations would require significant effort. It is a challenging product to both implement and comprehend.

The reporting and auditing functionalities within One Identity Manager could be enhanced, particularly in the reporting area, which would benefit from a wider range of pre-built reports.

For how long have I used the solution?

I have been using One Identity Manager for three years.

How are customer service and support?

Technical support is helpful whenever we need troubleshooting services. 

How would you rate customer service and support?

Positive

How was the initial setup?

The complex deployment took approximately seven months and involved a team of business analysts, a technical architect, and developers. 

What about the implementation team?

We implement One Identity Manager for our customers.

What other advice do I have?

I would rate One Identity Manager eight out of ten.

We are a service provider, and we provide the license to our customers.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
reviewer2323041 - PeerSpot reviewer
Co-Owner at a tech services company with 1-10 employees
Real User
Top 20
Delivers important SAP-specialized workflows, provides one platform for enterprise-level administration, and minimizes gaps in governance coverage
Pros and Cons
  • "One Identity Manager stands out for its modular design, allowing us to easily customize it with specific components, and its flexibility to handle any identity and access management scenario we encounter."
  • "How One Identity Manager deals with disconnected systems needs improvement."

What is our primary use case?

I designed and implemented One Identity Manager for clients across various companies. This involved a wide range of use cases, including standard employee lifecycle processes like onboarding, transfers, offboarding, and location changes. I also implemented more sophisticated use cases, such as automatically creating Active Directory groups and service accounts based on user requests and approval workflows.

How has it helped my organization?

One Identity Manager's enterprise view for managing logically disconnected SAP accounts is good.

One Identity Manager acts as an Identity Governance and Administration solution specifically designed to address the complexities of SAP systems. This deep integration allows for advanced features like implementing Separation of Duties rules, ensuring a more secure and controlled SAP environment.

One Identity Manager delivers important SAP-specialized workflows and business logic.

One Identity Manager provides one platform for enterprise-level administration and governance of users, data, and privileged accounts.

One Identity Manager, while not boasting the absolute best user interface, offers an intuitive experience. Through its integration with SAP, it provides a comprehensive solution for managing the entire user permission lifecycle, including SAP roles and transactions. I was particularly impressed by its ability to seamlessly read details from the SAP system using a standard connector.

One Identity Manager simplifies backend customization by allowing us to implement custom processes, functions, scripts, and more. However, customizing the web portal, especially the new Angular web portal, is a more challenging task.

One Identity Manager offers a sophisticated model for the business roles to map company structures for dynamic application provisioning.

The functionality of the business role is important because if we build the right business structure, we can simplify the permission manager.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and prod servers.

One Identity Manager helps create a privileged governance stance to close the security gap between privileged and standard users. This has improved our security posture.

One Identity Manager helps streamline aspects of application governance which simplifies the reporting.

One Identity Manager enables application owners and line of business managers to make application governance decisions without IT. Being able to see what users have access to and make the decision regarding the request from one platform, saves us time.

One Identity Manager helps us achieve a zero-centric trust model. 

What is most valuable?

One Identity Manager stands out for its modular design, allowing us to easily customize it with specific components, and its flexibility to handle any identity and access management scenario we encounter.

What needs improvement?

One Identity Manager doesn't provide all the user interfaces we need for business users out-of-the-box. This means we need to customize the web portal to display all the information we want to make available to them.

The ROM control modeling has room for improvement.

The user experience can be more user-friendly.

How One Identity Manager deals with disconnected systems needs improvement.

For how long have I used the solution?

I have been using One Identity Manager for over ten years.

What do I think about the stability of the solution?

I would rate the stability of One Identity Manager ten out of ten.

What do I think about the scalability of the solution?

One Identity Manager's scalability is the best in the market. From a technical perspective, the number of identities and entitlements we can manage with the overall architecture is good.

How are customer service and support?

The One Identity Manager support is good.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I previously used Oracle Identity Management and SailPoint IdentityIQ. I switched because I was interested in One Identity Manager which is more popular and trusted in our country.

How was the initial setup?

The initial deployment is straightforward. While the initial software deployment itself can be completed in a day, a full rollout typically requires additional time for configuration, customization, and other necessary steps to tailor the software to our client's specific environment.

What's my experience with pricing, setup cost, and licensing?

One Identity Manager is expensive.

What other advice do I have?

I would rate One Identity Manager eight out of ten.

One Identity Manager requires one to two people for maintenance per project.

I recommend using a partner to evaluate and implement One Identity Manager.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
IT Architect at a tech services company with 501-1,000 employees
Real User
Significantly reduces time needed to create an account, mailbox, and default permissions for a new employee
Pros and Cons
  • "Among the most valuable features of One Identity Manager are administration from Active Directory and Azure Active Directory, as well as administration from Exchange. These features enable us to have fully automated processes to create new accounts and new mailboxes. The most valuable option is the ability to design an automated route to give our customers permissions."
  • "The web interface has room for improvement. It could be more performant and the design of the web interface is relatively complicated. It could be simplified."

What is our primary use case?

We are a company in the health sector, with about 50,000 employees from six different health organizations. We use the solution to help automate all the processes around hiring and firing. We have automated as many processes as possible around user accounts and mailboxes, and file and folder administration. And with the IT Shop, customers can request permissions themselves.

How has it helped my organization?

Back in 2014, it took us six workdays to get an employee what they needed to do their work. The creation of the user accounts required two days, and the creation of the user mailbox and the assignment of permissions took another four days. Now, we get data from HR when a new hire begins and we have the user account, mailbox, and default permissions for the organization available approximately two hours later.

The initial setup process for an employee is straightforward. We set up processes for user accounts and we can add other processes to them. Our goal is to automate all user-permission and user-administration processes with One Identity and we are doing that more and more.

It has helped to simplify compliance. We are subject to compliance rules. Using the solution, a manager has the ability to check out which permissions an employee has and to make changes to the permissions.

We have also integrated One Identity with SAP. Every one of our customers uses SAP and we have the synchronization agent for SAP in different landscapes. The integration process between One Identity and SAP is simple. We don't have to do many steps to integrate SAP landscapes. We just have to start a new synchronization process and that's fine. The SAP integration gives us the ability to make rules for SAP accounts and SAP role assignments. And what is very impressive is the way it handles role assignments. We have more than 2 million role assignments for just one of our customer's employees.

What is most valuable?

Among the most valuable features of One Identity Manager are administration from Active Directory and Azure Active Directory, as well as administration from Exchange. These features enable us to have fully automated processes to create new accounts and new mailboxes. The most valuable option is the ability to design an automated route to give our customers permissions.

The solution is also very flexible. We can adjust all the standard processes that One Identity comes with and we can create new processes. We can always change whatever we need to change.

What needs improvement?

The web interface has room for improvement. It could be more performant and the design of the web interface is relatively complicated. It could be simplified.

For how long have I used the solution?

I have been using One Identity Manager since 2013. I was formerly a consultant for Quest, beginning in 1998.

What do I think about the stability of the solution?

We don't have any problem with the stability of the solution. We have problems with the stability of our own processes and the systems that are behind One Identity.

What do I think about the scalability of the solution?

We have 50,000 employees. That speaks for itself regarding the scalability.

How are customer service and support?

One Identity support has been fine. We always have good, professional feedback and solutions, and the communication has always been okay.

How would you rate customer service and support?

Positive

How was the initial setup?

As an organization, we started the deployment with one of our customers in 2010 and completed deployment for all of our customers in 2016. Every system requires different processes and knowledge. We were able to set up some things in a really short time. Others took more time because we needed to learn the system and how it works.

We are a team of four employees who design and customize the whole system. Our company has 80 support engineers on the help desk, and on our customers' sites there are between four and 10 employees who have read-only access for the One Identity system.

What about the implementation team?

We have worked with One Identity and with their partners, including IPG and Devoteam. In 2014, we worked with One Identity in our environment to deploy the IT Shop.

APG provided training for me and my colleagues. It went very well. We were stronger in our skills after the training and it was done very professionally. They also helped us customize the solution for our particular needs, the first time. Now, we understand things and we can customize the system on our own. Their assistance, along with Devoteam, in customizing things was very helpful. They customized the whole system and we learned from them.

What was our ROI?

We have seen ROI due to the better performance we now have in getting employees working. That is very valuable. In addition, we have the self-service via the web interface. That helps with return on investment because every call to our help desk has to be paid for by our customers, but with the web interface they can do things on their own.

What's my experience with pricing, setup cost, and licensing?

It's not cheap, but the pricing is okay. Other applications cost about the same.

What other advice do I have?

Take your time in deploying the system and know the processes you want to support with it. Knowledge of the processes you want to support is the main thing.

Which deployment model are you using for this solution?

On-premises
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
CarlosTum - PeerSpot reviewer
I AM consultant at a tech services company with 201-500 employees
MSP
Top 20
It's a complete solution that has everything we need
Pros and Cons
  • "One Identity is a complete solution that has everything we need."
  • "The documentation is poor. For example, the synchronization editor has a lot of things happening, but there's just a description. If you want to do something specific with that like create custom views, they just say go to the extension and select the UUID. However, if we don't have a UUID for this view, it will not work. That isn't in the documentation."

What is our primary use case?

I am a consultant who works on the backend of One Identity. When a client has a requirement, I add it to the back end. 

How has it helped my organization?

One Identity Manager simplifies procurement and licensing. Using business roles helps a lot. Provisioning enables users to make application governance decisions without involving IT personnel. It makes it easier by using account definitions and business roles. 

You can assign different AD groups and applications and enable them for specific users depending on their roles. This minimizes gaps in governance coverage among test, dev, and production servers and makes things easier. 

What is most valuable?

One Identity is a complete solution that has everything we need. We can use it to manage SAP. It connects SAP to employee identities under governance. This functionality is critical. One Identity Manager provides IGA for the more difficult-to-manage aspects of SAP, which is also crucial. The SAP-specialized workflows are easy to implement. 

One Identity provides a single platform for the administration and governance of users, data, and privileged accounts. It provides a complete overview of all these things. The user interface is intuitive and nice. It shows everything. Customizing the interface isn't hard. You can create custom fields. This is one of the most important things.

What needs improvement?

The documentation is poor. For example, the synchronization editor has a lot of things happening, but there's just a description. If you want to do something specific with that like create custom views, they just say go to the extension and select the UUID. However, if we don't have a UUID for this view, it will not work. That isn't in the documentation.

It extends governance to cloud applications and it's complete, but there needs to be more connectors for it. That's the only thing I don't like.

For how long have I used the solution?

I have used One Identity Manager for a year and five months.

How are customer service and support?

I rate One Identity's support eight out of 10. We use the standard support. They send you a link to the documentation or a forum where someone else had the same problem. However, sometimes the documentation isn't useful, so they need to escalate the user to the product leads. In those cases, it takes weeks to resolve. 

How would you rate customer service and support?

Positive

How was the initial setup?

The initial deployment was easy and could be completed in one or two days if we only consider the installation and synchronization of target systems. However, it takes longer to set up the business roles and all that. 

What other advice do I have?

I rate One Identity Manager nine out of 10. The only issue I have is the documentation. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
PeerSpot user
SanjayKumar13 - PeerSpot reviewer
Cyber security lead at a tech vendor with 10,001+ employees
Real User
Top 5
It's easy to integrate SAP
Pros and Cons
  • "It's role-based access control, and you can manage it. It's perfect for our customer's governance control."
  • "One Identity should open the market with accessible training material and content so that more developers can be available. They have to improve their marketing strategy, partners, and vendors. One Identity should be attracting engineers to learn their product and get certified. They should have strong forums. They could have a certification program where any engineer can get certified. However, their overall approach is complex, which I do not prefer."

What is our primary use case?

One Identity Manager can handle all identity use cases.

What is most valuable?

It's easy to integrate SAP with One Identity. SAP has different modules, and you can manage users through the One Identity interface. Integrating through a stream connector is simple. 

It's role-based access control, and you can manage it. It's perfect for our customer's governance control. One of my customers is using One Identity's PAM solution. It is a separate component and licensing model.

What needs improvement?

One Identity should open the market with accessible training material and content so that more developers can be available. They have to improve their marketing strategy, partners, and vendors. One Identity should be attracting engineers to learn their product and get certified. They should have strong forums. They could have a certification program where any engineer can get certified. However, their overall approach is complex, which I do not prefer.

The platform isn't very intuitive like the others, but One Identity Manager has migrated their review scripting to the Angular framework, so now it's good, and they're competing with others from the UI perspective.

One Identity Manager is a little complex from a development perspective. If you compare it to SailPoint, it is easy, but One Identity Manager has so many separate components that it is quite complex for development. And sometimes, we have seen some performance issues.

For how long have I used the solution?

I have used One Identity Manager for more than 10 years. 

What do I think about the stability of the solution?

I rate One Identity Manager eight out of 10 for stability. 

What do I think about the scalability of the solution?

One Identity is scalable.

How are customer service and support?

One Identity must improve its support because they have a very limited pool of engineers, and they're often occupied. 

Which solution did I use previously and why did I switch?

I have used SailPoint.

What's my experience with pricing, setup cost, and licensing?

I rate One Identity seven out of 10 for affordability. It's reasonably priced. 

What other advice do I have?

I rate One Identity Manager eight out of 10. It's more suitable for the enterprise level. I wouldn't recommend it for small or medium-sized enterprises. 

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
ProductMe39b - PeerSpot reviewer
Senior Product Manager for Identity & Access Management at a non-tech company with 10,001+ employees
Real User
We are creating, managing, and provisioning in SAP, as it is a fully integrated solution
Pros and Cons
  • "At the time of the onboarding, this is solution that we have interfacing with HR. On the same day an employee is hired, an account is created and available for the manager when the end user arrives. The opposite is true. The moment employment is terminated, the same day everything is disabled, then later deleted."
  • "The back-end, its capabilities, and workflows are very good."
  • "I would like it to have an easier integration with phones."

What is our primary use case?

We are managing the entire trend for our identity management, from HR hire until offboarding. We use it for managing all the IT accounts in the company, which has hundreds of thousands of identities.

How has it helped my organization?

At the time of the onboarding, this is solution that we have interfacing with HR. On the same day an employee is hired, an account is created and available for the manager when the end user arrives. The opposite is true. The moment employment is terminated, the same day everything is disabled, then later deleted.

We have integrated it directly with SAP, since our HR source of information is SAP and more than 80 percent of our business is run on SAP. Therefore, we have the largest SAP installation in the world. It's fully integrated, so we are creating, managing, and provisioning in SAP, as it is the core of our business. We are synchronizing for SoD, so it's working well. We are using different aspects of the integration.

What is most valuable?

The overall capabilities of the identity governance and administration (IGA) solution for identity management.

The flexibility of the solution: We are able to use what is out-of-the-box, customize and prioritize it, then further develop it to meet our needs. Our use for it is very complex, but we are able to achieve success with One Identity.

The back-end, its capabilities, and workflows are very good.

What needs improvement?

I would like a more friendly web UI. This is something that they are already starting to work on. 

Because of our volume, the monitoring of the solution, several job servers, and DBQs has been very time consuming for us.

I would also like it to have an easier integration with phones.

What do I think about the stability of the solution?

With the current version, the stability is very good. With the previous version, it was not good. We are now in version 8, and it's really stable and performing.

What do I think about the scalability of the solution?

Without this solution, because of our sheer size, we cannot manage our own house.

How are customer service and technical support?

We are paying for premium support, which is expensive. However, we do receive very good, fast support.

How was the initial setup?

What we implemented is very broad. We implemented basic identity management: workflow, self-service, and shopping for roles. We also implemented SoD. To implement all of this and because of our size, we had to work with partners and One Identity, which was a complex process.

What was our ROI?

We have seen a little ROI when there was a restructuring reduction in the market for user management teams, but not enough to cover the cost of the project. The focus was on security compliance, not on return on investment.

This solution has helped to reduce help desk calls. We are a very big company, so we have implemented thousands of role-based access controls which give rights to the users. Based on their movements, we are removing or assigning access. We also have the entire onboarding process fully automated. We have removed more than 90 percent of all manual requests for accounts.

This solution has helped to increase employee productivity when it comes to provisioning users. E.g., We can give users access in under a day. It is now based on how long it takes for HR to perform the action to onboard the employee.

Which other solutions did I evaluate?

We started an RFP in 2013 or 2014. Then, the end of the process was in 2015, we selected One Identity Manager by comparing it against many other vendors.

What other advice do I have?

Define what you are researching. Write down use cases you need. Then, ask for a demo with you data, so you can see actual results.

We are working on our IT cloud strategy. We are starting to do cloud provisioning integrated with our identity management.

We use it for compliance, but not directly for GDPR.

We are using the policy and role management features.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free One Identity Manager Report and get advice and tips from experienced pros sharing their opinions.
Updated: March 2025
Buyer's Guide
Download our free One Identity Manager Report and get advice and tips from experienced pros sharing their opinions.