One Identity Manager Reviews

One Identity Manager is an identity governance and management tool. Our customers have defined policies based on their infrastructure but not an intelligent centralized system that handles all the application and user information. When a user requests access to an application, we're the first ones to get that info and perform corporate operations like onboarding and offboarding. We also provide the necessary access. 

We manage about 200,000 users. A bank is one of our biggest clients, so managing their systems is a little more complex. They have multiple streams, making it somewhat complicated. 

One Identity provides our customers with a holistic, centralized automation process. Security compliance is the primary thing. When we audit the report, we can track what applications they are using and ensure that everything they do is within the security system. We can prevent incidents, but if something does happen, we can block that user or that system from accessing other resources.

The solution minimizes governance gaps across environments. When you're working with a large corporation, you can easily find gaps in the security. For example, accounts may be outside of the security system, or the creation and onboarding may be delayed, causing challenges. We can automate the entire process with a centralized platform to ensure the work is done on time. 

Having a centralized system to maintain everything saves time and avoids confusion. It ensures that everything is under the scope, improving security compliance. As companies grow, they face more security challenges, and this solution helps to address them. 

One Identity improves customers' operations by increasing security and reducing costs. Everything will be in line, from onboarding to offboarding. In terms of user privileges and access, everything stays within the scope. Companies can secure their resources and make them available as needed. It's a completely automated process that happens daily. Companies can cut costs by automatically removing access to paid users on leave because we usually pay a per user cost for services. 

Privileged access is part of company policy, and we provide access based on that criteria. The hierarchy will differ depending on the application. A privileged user will have access to the bigger applications or they will have admin role access. One Identity gives us a centralized system to do that.

Let's say a company has infrastructure, development, and finance teams, each with a separate IT shop. From this information, we know that this person belongs to the finance department, so they will receive all the access for someone in finance based on company policy. However, sometimes, the financial department isn't allowed to use the technical systems. We consider the policy criteria the user meets. 

If somebody requires access to something else, they can request access to those applications. Once an application is aligned with One Identity, we will have the application information and know how many users are on boarded to that application, so we get updated information about the number of users with access and how many use it. We generate reports each month on which applications users access and how often. 

I like One Identity's reporting features and the single sign-in option. Users can skip multiple logins. It also gives us a centralized system that lets us know about a user's access. This is an automated process. If a user leaves the company, One Identity will ensure their application access will be removed after a certain date. When the user joins a company, it ensures all privileges are created and active by the start date.

Using an open-source integration platform, we can integrate any service provider with One Identity. I think the user experience has been positive. Customizing the solution for each company's requirements has been challenging and interesting. Some of these companies are massive and have significant requirements, and we need to ensure that everything is under the scope.  We are collaborating to test and incorporate other functionalities. Corporations might also have their own applications, so we should be aligned with those. 

One Identity could add more connectors for various services we integrate. We need to build and configure custom connectors for our clients with complicated environments and multiple data streams. 

I have used One Identity Manager for two years.

One Identity is stable, but I can't say there are no issues. It depends on the server load and everything. 

One Identity is scalable. 

I rate One Identity support seven out of 10. They respond immediately when we reach out, and you can also get answers through their user community. 

Before One Identity Manager, we used a solution by Dell. A lot of things are in the cloud, so we cloud-native Azure and AWS tools to cover those. 

I was not involved in the deployment. Regarding maintenance, we have multiple teams working with One Identity to maintain and monitor it. Around 40 to 50 are working on this tool.

I rate One Identity Manager 10 out of 10. Before implementing One Identity, you should review the company's policies and all of the systems within its scope. From there, you can decide what the best solution is. For example, if you have an Amazon cloud environment, you should probably go with the AWS solution. 

I have implemented One Identity Manager in banking for research access and education for onboarding diverse users, managing identity lifecycles, and automating processes like account activation and provisioning. It is crucial for securing and streamlining identity management in both sectors.

One Identity Manager has enabled us to implement an Identity-centric zero-trust model, enhancing our access management system. This has strengthened security by granting users precise and necessary access, contributing to a more robust and secure environment for our company.

The most valuable feature of One Identity Manager for me is its Designer tool. This tool allows me to write custom code and provides flexibility to customize and adapt the system to meet specific business objectives.

There is some room for improvement with One Identity Manager. The Metamodel is not developer-friendly, and the web designer customization could be simplified. The report editor tool needs an update as its underlying technology is outdated. Additionally, a stronger community portal for quicker support responses would be beneficial.

I have been working with One Identity Manager for eight years.

I would rate the stability of One Identity Manager as a ten out of ten.

One Identity Manager is suitable for handling up to around five million records, but scalability becomes a challenge with larger datasets, such as over seven million people.

The biggest value of having premium tech support with One Identity Manager is the quick and efficient resolution of issues. However, there have been instances where the support response time could be improved. Overall, I would rate the support as a seven out of ten.

Neutral

The initial setup of One Identity Manager was not overly complex, and the documentation could be more user-friendly with additional visuals. We took the help of a consultant during deployment, involving five people. Maintenance is handled in-house as it is an on-premise solution.

One Identity Manager is affordable.

I appreciate that One Identity Manager is a suite with separate tools for managing and governing users, data, and privileged accounts. I find it beneficial that they have organized functionalities into distinct tools rather than consolidating everything into a single screen.

The user interface of One Identity Manager is intuitive for script writing and configuration, offering flexibility and a clear view of user attributes. However, the web application tool for end-user requests and the reporting tool is less user-friendly, especially for the web designer, which can be complex and not developer-friendly.

I use One Identity Manager to extend governance to cloud apps. This is crucial as cloud migration is widespread, and it is important to seamlessly onboard users and ensure governance on these cloud applications, aligning with the industry trend towards cloud adoption.

Using One Identity Manager, specifically the Safeguard tool, has helped me establish a privileged governance stance to bridge the gaps between privileged users and standard users. It provides a distinct solution for managing both types of users effectively.

One Identity Manager assists in streamlining application access decisions, ensuring application compliance, and conducting thorough application auditing.

One Identity Manager has empowered application owners and line-of-business managers to take charge of application governance decisions independently. The platform provides user-friendly tools, reducing the dependency on the IT team for these processes.

My advice to others is that before purchasing One Identity Manager, assess if it fits your use cases, especially considering the size of your user base. Ensure you have a skilled IT team for maintenance. Engage with the One Identity Manager team, conduct a proof of concept, and validate its suitability for your needs. Overall, I would rate One Identity Manager as a nine out of ten.

My clients use One Identity Manager to streamline and enhance their identity and access management processes. Whether it is a university simplifying student onboarding, or a global corporation managing employees across multiple branches worldwide, One Identity Manager helps them efficiently onboard, move within the organization, and offboard individuals. 

One Identity has transformed our organization, particularly in streamlining the join, move, and leave processes. It has shifted these from being manual or non-existent to around 80% automation, making a significant and beneficial impact. Clients, especially in large enterprises, have experienced drastic improvements with One Identity.

One Identity Manager has helped minimize governance gaps, particularly in the transition from test to development and production servers. This has significantly streamlined our operations and simplified the delivery of functionality for our customers who utilize One Identity Manager.

One Identity Manager has helped establish a privileged user governance stance, particularly in recommending regular reviews or rotations of privileged accounts. This approach is not only for privileged accounts but also for general usage analysis, ensuring unused accounts are closed, and optimizing licensing. Overall, it contributes to a more robust IT governance framework.

One Identity Manager helps consolidate procurement and licensing processes effectively.

The most valuable features are centralized Identity Management, robust Access Governance, and One Identity Manager workflow automation, simplifying user management and compliance.

In terms of improvement, the web portal for end-users in One Identity Manager has improved but could still see enhancements. The training for admins is crucial, and once you gather the knowledge, it becomes fairly easy. However, documentation could be better, especially for new features. It currently doesn't cover everything comprehensively, making it challenging to navigate some aspects. Improvements in documentation would be beneficial.

I have been working with One Identity Manager for four years.

It is quite a stable product. I would rate the stability as a nine out of ten.

I would rate the scalability of the product as an eight out of ten.

As a partner, we have access to a higher level of support, either gold or platinum. The support experience is generally good, and I would rate it around an eight out of ten.

Positive

Compared to Microsoft, One Identity Manager provides more granular and customizable solutions,  and although it can be used for managing cloud applications and user directories, it's primarily made for managing on premise tenents. The downside of OneIM is the documentation and training. 

The initial deployment of One Identity Manager can be straightforward with the right tools and knowledge, especially if using specific deployment tools. It typically takes around two working days for a basic installation. The solution requires maintenance mainly in the form of periodic upgrades to stay current. Other than upgrades, regular day-to-day maintenance is minimal, focusing on ensuring the application is up and running.

We are consultancy specialising on OneIM implementation. We are experts.

When properly planned and executed,  it should be pretty decent ROI

One Identity Manager is fairly priced, especially for large corporations or enterprises.

We use One Identity Manager for SAP integration, but it has some limitations. Managing logically disconnected SAP accounts can be challenging, and the solution feels somewhat incomplete. As a consultant, there is often a need for additional customization to address the intricacies of SAP integration within the broader One Identity Manager framework.

One Identity Manager connects to SAP accounts for identity governance. However, it is not the primary feature our clients emphasize. While useful, it is not the main driver for most organizations adopting One Identity Manager.

One Identity Manager provides Identity Governance and Administration for challenging aspects of SAP, including key codes, profiles, and rules. In a broader sense, it addresses these complexities within the SAP environment.

One Identity Manager is a solid choice for enterprise-level administration and governance. It effectively handles users, data, and accounts. While not perfect for privileged accounts, its integration with a complementary solution makes it a sophisticated option in the on-premise IGA landscape.

The user experience of One Identity Manager is unique, but it is not straightforward for an outsider. It requires some learning, and the navigation can be challenging without guidance. Overall, it is a complex system that benefits from the expertise of consultancies like ours.

Customizing One Identity Manager depends on your expertise. For experienced users, it is straightforward, but for beginners, especially in the first year, it often requires consulting with senior experts. Customization can be simplified with the right knowledge.

I use the solution's business roles to map the company structure for dynamic application provisioning. The business role functionality is crucial for us and our clients.

We use One Identity Manager to extend governance to cloud apps. It is essential, and I would rate its importance around seven on a scale of one to ten. Many customers, including us, find it valuable even if they don't plan to move entirely to cloud servers.

One Identity Manager helps streamline aspects of application governance, particularly in making application access decisions. The effectiveness largely depends on the implementation by the consultancy. If done correctly, it can greatly enhance application governance.

One Identity Manager has enabled application owners and business managers to make governance decisions without involving IT. If implemented correctly, there is minimal to zero IT involvement, allowing them to approve applications, manage access, and handle licenses directly through the One Identity Manager web UI. This aligns well with achieving an identity-centric zero-trust model.

I would recommend One Identity Manager, especially for large enterprises. However, it is crucial to consult with the customer first to ensure it aligns with their specific needs and requirements. Performing a proof of concept could be beneficial to validate its suitability for their environment. Overall, I would rate the product as an eight out of ten.

I designed and implemented One Identity Manager for clients across various companies. This involved a wide range of use cases, including standard employee lifecycle processes like onboarding, transfers, offboarding, and location changes. I also implemented more sophisticated use cases, such as automatically creating Active Directory groups and service accounts based on user requests and approval workflows.

One Identity Manager's enterprise view for managing logically disconnected SAP accounts is good.

One Identity Manager acts as an Identity Governance and Administration solution specifically designed to address the complexities of SAP systems. This deep integration allows for advanced features like implementing Separation of Duties rules, ensuring a more secure and controlled SAP environment.

One Identity Manager delivers important SAP-specialized workflows and business logic.

One Identity Manager provides one platform for enterprise-level administration and governance of users, data, and privileged accounts.

One Identity Manager, while not boasting the absolute best user interface, offers an intuitive experience. Through its integration with SAP, it provides a comprehensive solution for managing the entire user permission lifecycle, including SAP roles and transactions. I was particularly impressed by its ability to seamlessly read details from the SAP system using a standard connector.

One Identity Manager simplifies backend customization by allowing us to implement custom processes, functions, scripts, and more. However, customizing the web portal, especially the new Angular web portal, is a more challenging task.

One Identity Manager offers a sophisticated model for the business roles to map company structures for dynamic application provisioning.

The functionality of the business role is important because if we build the right business structure, we can simplify the permission manager.

One Identity Manager helps minimize gaps in governance coverage among test, dev, and prod servers.

One Identity Manager helps create a privileged governance stance to close the security gap between privileged and standard users. This has improved our security posture.

One Identity Manager helps streamline aspects of application governance which simplifies the reporting.

One Identity Manager enables application owners and line of business managers to make application governance decisions without IT. Being able to see what users have access to and make the decision regarding the request from one platform, saves us time.

One Identity Manager helps us achieve a zero-centric trust model. 

One Identity Manager stands out for its modular design, allowing us to easily customize it with specific components, and its flexibility to handle any identity and access management scenario we encounter.

One Identity Manager doesn't provide all the user interfaces we need for business users out-of-the-box. This means we need to customize the web portal to display all the information we want to make available to them.

The ROM control modeling has room for improvement.

The user experience can be more user-friendly.

How One Identity Manager deals with disconnected systems needs improvement.

I have been using One Identity Manager for over ten years.

I would rate the stability of One Identity Manager ten out of ten.

One Identity Manager's scalability is the best in the market. From a technical perspective, the number of identities and entitlements we can manage with the overall architecture is good.

The One Identity Manager support is good.

Positive

I previously used Oracle Identity Management and SailPoint IdentityIQ. I switched because I was interested in One Identity Manager which is more popular and trusted in our country.

The initial deployment is straightforward. While the initial software deployment itself can be completed in a day, a full rollout typically requires additional time for configuration, customization, and other necessary steps to tailor the software to our client's specific environment.

One Identity Manager is expensive.

I would rate One Identity Manager eight out of ten.

One Identity Manager requires one to two people for maintenance per project.

I recommend using a partner to evaluate and implement One Identity Manager.

One Identity is used to create, sync, and delete accounts automatically across multiple systems. The product allows employees to be managed from our Human Resources system, while consultants and temporary personnel can be managed manually. The system provides automated workflows and birthright assignments for easier management of similar accounts or those in the same department or role. 

With the system synchronized with our HR database, new account creations are automated and include an email to managers providing users with their credentials for initial login. Only the hiring manager will receive a copy of the initial username and password, helping further secure this information and have it readily available before the employee begins. 

The automation of employee creation and de-provision has streamlined the process in many areas. For employees, all actions begin in the HR department and flow downstream, keeping all systems synchronized with the same data.

Since the system is tied to our HR database, automation has allowed us to immediately terminate accounts based on employee status instead of waiting for notification from a manager.

Consultant accounts are also set on an automated schedule to send an email if an account isn't used within eight days. The account is also automatically disabled if not used in ten days. This provides additional security by not having accounts enabled but not in use.

Several employee data fields are synchronized to Active Directory, providing easy access to other applications (office, address, description, telephone, employee status, etc.). The update process is scheduled and automated to run multiple times a day, so Active Directory is always up to date with different employee data.

The One Identity birthright process has helped generate user accounts more accurately and quickly. Our Service Desk ticketing system is now used to complete user accounts and provide only what isn't common across their department or team. 

The One Identity system is very modular. The product is similar to an erector set, where you can do the same thing in many ways. While this is great, it also can allow you to set yourself up for failure later. The product does require some level of developer skills, so having the ability to make system changes without being a developer would be a plus. 

A tool called Analyzer is included to assist with birthright generation. The tool isn't very user-friendly. It would be helpful to have a tool to more easily find common groups across departments or teams so more groups could be managed in an automated fashion.

I've been using the solution for seven years.

The One Identity platform has been a stable system that provides consistent results. 

This product is extremely scalable. The more development knowledge you have, the more you can do with this tool.

Support has always been responsive and helpful.

Positive

We did use Hitachi IDM. The tool was a first-generation IDM tool and was very difficult to manage.

The initial installation was fairly complex as it is capable of integrating with so many different systems. There isn't an easy wizard to walk through and get you going.

Professional services were used for the initial implementation of the product. We found a different partner for ongoing work and support. Their knowledge of the product is excellent. 

One Identity, in partnership with our consultant partner, has allowed our company to streamline many processes and save employee time for other important tasks. 

I would advise finding and using a development partner for implementation unless you have a dedicated identity management team. Ensure your environment is licensed properly, as One Identity has an active Compliance department. 

No other products were found worthy of trial when surveying the market at the time.

We provide IT services for several European clients, so their individual use cases vary. For example, one is a research center in Sweden. 

One Identity Manager helps minimize gaps in governance coverage. The privilege governance feature enables us to close the security gap between privileged users and standard users, positively affecting our overall operations.

One Identity Manager is user-friendly and easy to customize. One Identity's business roles enable me to map company structures for dynamic application provisioning, which is fairly important.

The user interface needs to improve.

I have used One Identity Manager for about five years. 

I rate One Identity technical support six out of 10. 

Neutral

I rate One Identity Manager seven out of 10.

I use One Identity Manager to implement an identity governance and administration solution for end users.

One Identity Manager is a highly adaptable platform capable of integrating both connected and disconnected target systems through connectors and APIs. Its extensive customization options allow it to accommodate a wide range of customer use cases. Additionally, the tool can be scaled to support a large user base and effectively handles role provisioning, joiners, movers, and leavers automation. With its rich feature set and out-of-the-box functionality, One Identity Manager is a powerful solution.

Previously, our user interface relied on a legacy web portal built with VB.NET technology, which suffered from slow loading times. However, One Identity has significantly enhanced the user experience by upgrading to Angular technology for the web portal. This transition has resulted in a much more interactive interface and greatly improved response times. The codebase is entirely based on Angular, which we can leverage to create custom components and enhance the web portal with a more interactive user experience.

We leverage business roles to assign default access permissions. New employees automatically receive specific role-based access upon joining the company. This process is facilitated through the implementation of business roles. We can easily accommodate diverse user types using these roles. For example, a new sales employee can be assigned a corresponding business role. We can create hundreds of business roles to match different departments. Additionally, we can schedule when these business roles are executed, allowing for system operation flexibility. However, it's important to note that frequent scheduling can significantly impact overall system performance and efficiency.

We have integrated EntraID with One Identity Manager for application onboarding. Since authentication can be provided through EntraID, extending governance to cloud applications is necessary. Therefore, all cloud-based applications that are not connected to on-premises systems require integration with EntraID. Failure to integrate will result in authentication errors and prevent user logins. Consequently, EntraID is mandatory for all cloud-deployed applications.

When we deploy the portal, most projects involve migrating from other IGA solutions to our new platform. Initially, users may take time to familiarize themselves with the portal's web interface, but its navigation is intuitive. We provide extensive documentation on accessing the portal, its features, and how to submit requests, along with customer support. While there may be a brief learning curve, the user-friendly design should minimize difficulties.

One Identity Manager helps bridge governance gaps between test, development, and production servers. Development is migrated to a test environment for testing before approval and subsequent migration to production. One Identity Manager is installed on all three environments, each with its own database to facilitate this. Changes are developed in the development environment, packaged, and moved to the test environment for testing. Approved changes are then migrated to production. Maintaining identical One Identity Manager versions across all three environments is crucial to ensure successful package migration, as packages from one version are incompatible with others.

One Identity Manager allows us to establish a privileged governance framework to bridge the security gap between privileged and standard users. Our system defines roles with specific permissions, enabling us to display additional information to users with privileged roles while restricting access to this information for standard users. Our defined roles and permissions make this granular control possible.

We have an approval workflow and policy to streamline application access decisions. Obtaining a specific role must undergo an approval process, and only designated individuals can grant permission. This workflow ensures that role assignments are controlled and efficient, preventing unauthorized access.

One Identity Manager offers a wide range of connectors, allowing it to interface with multiple target systems and perform provisioning and de-provisioning tasks within them. This extensive connector library, available out-of-the-box, is one of its most valuable features.

One Identity Manager is a comprehensive but complex solution. Even for developers, gaining a deep understanding and implementing customizations would require significant effort. It is a challenging product to both implement and comprehend.

The reporting and auditing functionalities within One Identity Manager could be enhanced, particularly in the reporting area, which would benefit from a wider range of pre-built reports.

I have been using One Identity Manager for three years.

Technical support is helpful whenever we need troubleshooting services. 

Positive

The complex deployment took approximately seven months and involved a team of business analysts, a technical architect, and developers. 

We implement One Identity Manager for our customers.

I would rate One Identity Manager eight out of ten.

We are a service provider, and we provide the license to our customers.

One Identity is an IGA tool for identity and access governance. One Identity has another product called Safeguard for privileged access management. Our organization is a startup, so we don't have any cloud applications in One Identity Manager. We manage the Active Directory, LDAP, JDBC applications, and CSV files.

Realizing One Identity Manager's benefits takes some time because many organizations don't know the tool. It has to be pushed to the market. For big organizations that require more control over their data, such as pharmaceuticals and defense, it will be very successful compared to market competitors.

I like how One Identity Manager is designed. We can control granular-level permissions. Compared to SailPoint and CyberArk, we can go granular in the access levels. We can control it at the table, column, and database levels. That's the power of One Identity. 

We can import business roles from a .csv or create them in the manager. It is easy to create as many roles as we want, and there is no limit to the resources we can assign to them.

One Identity's UI is fine once you get used to it, but it's a little harder to learn than its competitors. The font size is too small. You need bigger screens to host that application. The website and portal are fine, but the manager, designer, and other standalone applications used for management or configuration are too difficult to use. The UI should be easier to use, and they should reduce the number of standalone applications to three or four. 

Customization is somewhat difficult in One Identity Manager. The problem is they're using VB.NET, which no one uses. There are no resources because One Identity isn't available on YouTube or any coaching institutes. 

I also find it difficult to add resources to the business roles because we have to use many options in One Manager for that. We have to add it to the IT shop so that the users can submit requests through the web portal, and we must generate that IT shop structure to add resources to the business. There is a lot of complexity in that. 

I have used One Identity Manager for 16 months.

It's an efficient tool for the enterprise level. There is no limit to the number of users. We can go from a hundred users to hundreds of thousands. It is based on the implementation level. We can add many servers to support the extension, but there are fewer resources in India because One Identity isn't a popular tool relative to SailPoint. 

I've used SailPoint. Compared to SailPoint, using One Identity is difficult and complex. You have to use many standalone applications to manage the target systems and for configuration and design, like custom implementation. With SailPoint, we don't need to use too many tools. It's all in the same product. 

In One Identity, we need to use Launcher, Designer, and other tools, whereas SailPoint is completely web-based, and the UI changes based on permissions. But One Identity isn't like that. There are standard applications for administrative purposes, but the end users have a web interface where they log in and request access. SailPoint has a single web platform for administrators, developers, and users. 

One Identity Manager is mostly difficult to set up. I cannot say that it is easy to learn. It takes time to habituate to it and memorize where the options are. There are many options in a single tool. At the enterprise level, it takes between six to nine months to deploy, but it depends on the organization's size. Our organization has between 10,000 and 15,000 users, so we could complete the installation in six months.

For maintenance, we have to take care of the database. We must back that up and ensure there are connections between the database, One Identity Manager, and target systems. There is not much maintenance involved in One Identity Manager.

I rate One Identity Manager eight out of 10.