IT Central Station is now PeerSpot: Here's why
Buyer's Guide
Single Sign-On (SSO)
June 2022
Get our free report covering Google, Okta, Amazon, and other competitors of Azure Active Directory (Azure AD). Updated: June 2022.
609,272 professionals have used our research since 2012.

Read reviews of Azure Active Directory (Azure AD) alternatives and competitors

Samarjeet Tomar - PeerSpot reviewer
Technical Solutions Lead at a insurance company with 1,001-5,000 employees
Real User
Top 20
Stable and reliable solution but the application updates are lacking
Pros and Cons
  • "A solution that's easy to use, stable, and reliable."
  • "Application updates are lacking. Customer support needs to be improved."

What is our primary use case?

We've been using this solution for SSO and consolidation of IDs.

How has it helped my organization?

This solution brought us the SSO perspective, and this is the main reason we're using it.

What is most valuable?

The only thing I like about Okta Workforce Identity compared to other solutions in the market is that it's an easy resource that you can get, even if you're working with many users, but there is a lot to learn about it.

What needs improvement?

There are many things that Okta has to improve on. I understand that Okta has a lot of apps, like any other provider, e.g. Microsoft apps, IDP apps, or cloud identity apps.

The problem with Okta is that they create the app and they never update. In this fast-paced industry where versions keep getting updated, Okta is really slow at times.

None of the Okta applications that they create, for example, in my case: I have used the cloud identity of Microsoft apps and now I'm using the off tabs. What I found is none of the single Okta apps that we have worked and did not create an issue. They are not fully mature. So it's that aspect that can be improved, which Okta is investigating. Their application support and not having updates for those applications also need to be improved. These are the things that surprised me and I was not able to understand from Okta.

Okta's customer support should be improved.

Okta should work with certain providers, e.g. the Google cloud, the AWS cloud, the Microsoft cloud, and they should evaluate the integration point because what happens is if your organization has SSO which relies on Okta, all of these three clouds and the Okta app are far from perfect. You are not able to get the right setup based on how your security is trying to define it vs what the application can support. You'll end up using the default interface Okta provides with those apps.

I understand Okta could say that if they shouldn't worry about it because if AWS wanted to support Okta, then AWS should be the one providing us the app and support, but Okta should try to understand the users, do surveys from the different automation using Okta, and use different apps because those apps are very critical. They are far from perfect, so Okta has the worst implementation.

For how long have I used the solution?

I've used this solution in the last 12 months. We've been using it for six years.

What do I think about the stability of the solution?

This solution is stable and reliable. We didn't find the solution itself hard to use.

What do I think about the scalability of the solution?

The scalability of this solution is bad. Scalability has two or three different meanings to it.

Is it scalable from the infrastructure side of it? The answer is yes.

Is this scalable from the business perspective? The answer is no. For example, the B2B and the B2C solutions that others provide, those aspects in Okta are completely lacking.

For example, if I have the Microsoft Azure Active Directory, I have the B2C, B2B, and the phase rate, so I have a way to not only support my enterprise but my end customers in a very fast manner. In the case of Okta, that whole path is a nightmare to work with.

How are customer service and support?

I didn't like Okta's support. They say they have very good support, but the moment you create a ticket, they will tell you that they provide the app, but they cannot provide support because we connected the app to another environment, or to another side of the spectrum. This seemed very odd to me.

First, we are using the application you specified, then you say you cannot support this application just because the value provided is outside of this application, so you cannot troubleshoot or help us to troubleshoot if we open a ticket. Every single time it's a chicken and egg type of situation. From that perspective, Okta's support is horrible.

How was the initial setup?

The setup was straightforward. Nowadays, all the other IDPs are the same way, too. I didn't find a single IDP that had no experience at the level, and all of them can stand up at the same time, within the same time frame.

With Okta, on the other hand, the requirement to have the ID server in between, whether it's the cloud-based ID server specified, or the on-prem base, like ours: It's on-prem, but what I found was that we were not able to do it even after following all the guidance unless we had a dedicated Okta person to help us do it. It was a different situation with Microsoft and cloud IDP which were easy to set up, as we were able to do it ourselves just by following the documentation.

What about the implementation team?

We implemented the solution through an integrator consultant. They are fine. They are doing the job on a daily basis.

What's my experience with pricing, setup cost, and licensing?

This solution is costly.

With Microsoft, you get the exact same information that Okta gives out of the box: free, because that's what Microsoft does, and even if I compare to other cloud IDPs, with Okta, access may offer free access for startups, and if you have fewer users, it's okay. Pricing is decent. The moment you talk about the enterprise level, for example, we were talking about implementing Okta across the US with multiple customers, and the cost they gave us was two million dollars. The cost is not justified for the single assets of this solution, so Okta is bad in those terms.

Which other solutions did I evaluate?

We've been evaluating Microsoft Azure Active Directory. It's still in the POC phase, and it's been three or four months. We have very particular requirements, e.g. a mix of multiple IDPs with Okta, and Azure Active Directory is one of them, but that is the only one where we don't have the solution. We are trying to do the POCs first to ensure that they are able to meet our needs.

What other advice do I have?

The reports I downloaded were very informative. The things that we were trying to do is generally the One ID and software entitlement. Our customers find them more useful than the Microsoft Azure side of it. They know that the functionality exists and they are able to use that functionality, but the intuitive nature of managing the entitlement was not there. We also had a requirement where we wanted to mix the Okta in between, for the SSO, so I was trying to collect as much information as I can get and that information was helpful.

Whenever you search for the Okta documentation, for example, if we search for cloud IDP and Microsoft-related documentation, it's only on Microsoft's site we get the help we need, including help from the community. Okta's community, when you Google it, is lacking because it only contains help or information about Okta products because Okta users are only able to use the product in a standard way.

This surprised me especially because Okta has such a good name, but the bottom line is, if you ask me as a decision-maker or the one who influences decisions in our organization, if I was going to choose Okta as our SSO provider, my answer will be flat NO.

The initial implementation of this solution took three months. It's a very simple and standard implementation, so that's never been a problem.

A hundred users are currently using this solution in our organization. It doesn't require heavy maintenance.

Working with Okta can be restrictive, and this is where Okta doesn't shine.

This solution is being used extensively in our organization. Increasing its usage will depend on whether they are able to convince the Infotech folks, and that's what's happening.

The advice I would give to others looking into implementing this solution is for them to first try to understand it. They should not confine themselves to selecting Okta, thinking that it's the end solution. They should look at their future needs too because once they implement Okta without considering their future needs, they will have to do a lot of hacks and tricks. Before they even delve into Okta, they have to first think about their future and how much this solution will cost in the long run.

This solution meets the need, but that's all, so I'm rating it a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Richard Hickson - PeerSpot reviewer
Founder & Managing Director at HelpFully IT
Real User
Top 20Leaderboard
A rock-solid product with fantastic device management and single sign-on capabilities
Pros and Cons
  • "The whole product is great. The device management is amazing. The fact that you can basically set up an entire machine without having the machine in front of you is most valuable."
  • "The capability to get alerts would be great when CPU or RAM is high on an endpoint, or when a disk is failing. It would be great to get an alert rather than having to go looking for it."

What is our primary use case?

I use JumpCloud across a whole bunch of different clients to manage their devices, to manage their users, and to manage their third-party applications through single sign-on.

It's a SaaS product.

How has it helped my organization?

In a remote world, it has made my life a lot easier. When people were in the office, you could use Active Directory, but we moved to JumpCloud just before COVID kicked in. It gave us the capability to continue managing machines without them having to check into the office.

I can set a machine up easily. I can send someone a new machine, and they boot it up. I give them a couple of instructions, and then it hands the machine over to me. I can configure the machine remotely by using policies and commands through JumpCloud.

What is most valuable?

The whole product is great. The device management is amazing. The fact that you can basically set up an entire machine without having the machine in front of you is most valuable.

The single sign-on capabilities are very helpful. If someone leaves the business, at the click of a button, you can literally disable their account for everything.

What needs improvement?

The capability to get alerts would be great when CPU or RAM is high on an endpoint, or when a disk is failing. It would be great to get an alert rather than having to go looking for it.

It would be handy to have an MDM for Windows devices. It seems to be on their roadmap. They support Windows devices on the platform, but we should be able to wipe the machine and do other similar things through MDM.

For how long have I used the solution?

I've been using JumpCloud for about six years. I use it every day.

What do I think about the stability of the solution?

It has been rock solid for what I need it for. They had a few outages late last year, but they didn't affect my clients or me. So, as far as I'm concerned, it has been rock solid.

What do I think about the scalability of the solution?

It is easy to scale. You just enroll more machines and more users. You get billed monthly on a high point of the number of users that you've got. So, it's fairly flexible.

It is used by small, medium, and large companies. It is suitable for all of them.

How are customer service and support?

It has always been brilliant. Whenever I've had to contact JumpCloud for any reason, they've come back to me straight away. In six years, I've had to contact them three or four times, and each time, the issue was resolved relatively quickly and easily. There has not been too much difficulty with it.

How was the initial setup?

It depends on what you're using at the moment. From my point of view, when I deployed JumpCloud for one of my clients, it was a case of getting the users into the JumpCloud platform and then enrolling their machines and tying the two together. So, it was relatively straightforward, but I understand that some deployments can be more complicated, such as if you're using Azure AD, etc. They're not impossible, but they just need a bit more planning than if you're using standalone machines.

The number of people required for deployment depends on how many end users you're deploying it to. I've deployed it for a bunch of different companies. Some of the companies had 70 people, and I did it on my own.

It generally takes half an hour per machine. The duration depends on how many machines you've got, what state the machines are in, and whether the machines need updating or anything like that.

It's a SaaS product. It doesn't require any specific maintenance. The agent updates itself on all the machines, and it just keeps everything up to date on its own.

What's my experience with pricing, setup cost, and licensing?

The pricing model changed about 18 months ago. It used to be that you got 10 users free, and then you paid for any user above 10 users. Now, when you go above 10 users, you pay for every user.

It has become a bit more expensive, but it's such a good product. When you take into account Microsoft licenses, if you were to run Active Directory, you'd need a server to put it on, or you would need a couple of servers, backup, etc. It's a no-brainer. JumpCloud is so much easier to manage from my perspective, regardless of the cost increase. It's just brilliant.

There are different tiers of this product, but the base product, called JumpCloud Core, is what I use with most of my clients. It suits us down to the ground.

Which other solutions did I evaluate?

When we first started looking at JumpCloud, we took a demo on Okta. At the time, JumpCloud did a lot more than what Okta did, which was why we went with JumpCloud.

Device management was one of the reasons for going for JumpCloud. Okta was very much for the cloud and single sign-on, and you couldn't manage the devices, whereas JumpCloud actually managed the end-user devices. You could enforce encryption and other similar things, which Okta didn't let you do at the time. It probably does that now because we're six years on, but back then, it didn't.

What other advice do I have?

Don't hesitate. Just do it. It is just fantastic.

I would rate it a nine out of 10. It does everything I need it to. It is a great product. It is not missing too much.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Flag as inappropriate
System Architect at a manufacturing company with 10,001+ employees
Real User
Great integration and end user experience
Pros and Cons
  • "One of the features that I enjoyed most was the integration with Azure AD because I could use VMware Identity Manager to standardize the User Principal Name coming from Active Directory. You have Azure AD Connect to do that. In between, if you have vIDM handling it, you can easily get the synchronization of users into your VM and standardize the User Principal Name. If you require quality assurance for handling it, you can actually count on the vIDM to do so. That was one of the main things I enjoyed about the product."
  • "vIDM could be improved with the multi-tenant capabilities that VMware tends to offer—features like customization branding and the integration of the app catalog based on the branding. Since the integration has been at top-level OGs, you were not able to then do rebranding if you were required to use specific user groups to highlight specific applications. At the time, I was personally opening feature requests for these things. I haven't worked with the latest release, so I don't know if these features were already deployed or not."

What is our primary use case?

At the time, our primary use case was for the purpose of having single authentication around endpoints. Every single endpoint was managed by Workspace ONE: iOS, Android devices, and Windows standard devices. We were provisioning payloads. We had a trust relationship between Workspace ONE and the vIDM console, and we were handling certificates around those, to provide seamless certification. In the end, a user with specific applications wouldn't be required to type in any username, password, etc. 

vIDM was a SaaS-based solution, at the time, where you had the vIDM connectors in case you were required to have LDAP Synchronization. It was completely on a dedicated cloud from VMware. 

How has it helped my organization?

One of the main benefits was end user experience. Imagine that your business apps on your mobile device, for instance, no longer require you to type in your username, password, or second factor of authentication—as long as you're handling a managed and trustworthy device, you can seamlessly log in to applications. In the past, I personally integrated it with applications like SAT and Salesforce. As long as the application offered integration, we could easily do this. 

What is most valuable?

One of the features that I enjoyed most was the integration with Azure AD because I could use VMware Identity Manager to standardize the User Principal Name coming from Active Directory. You have Azure AD Connect to do that. In between, if you have vIDM handling it, you can easily get the synchronization of users into your VM and standardize the User Principal Name. If you require quality assurance for handling it, you can actually count on the vIDM to do so. That was one of the main things I enjoyed about the product. 

What needs improvement?

vIDM could be improved with the multi-tenant capabilities that VMware tends to offer—features like customization branding and the integration of the app catalog based on the branding. Since the integration has been at top-level OGs, you were not able to then do rebranding if you were required to use specific user groups to highlight specific applications. At the time, I was personally opening feature requests for these things. I haven't worked with the latest release, so I don't know if these features were already deployed or not. 

For how long have I used the solution?

I used vIDM for about four years, though the last time I worked with it was about a year ago. 

What do I think about the stability of the solution?

I can't recall having any problems with stability or performance. 

The maintenance, regarding the core system, was provided by VMware directly. For the connectors hosted on our on-prem infrastructure, maintenance was handled by the team responsible for the product. 

What do I think about the scalability of the solution?

It's easy to scale, since it's in the cloud. We never had to worry about scalability. 

At the time, there were about 120,000 people in the company using this solution. 

How are customer service and support?

VMware has the standard support, and then they have enterprise support or special contracts for enterprise support with dedicated teams. We never had to deal with the default, but nonetheless, there will always be glitches around tech support. We were quite knowledgeable about the products, so if we actually raised a ticket, it was because something was definitely not working and there was a bug on the product itself. It was mostly the case that it would be dropped at the product management team directly. 

How was the initial setup?

The deployment was complex, considering the infrastructure. Our organization has more than 400,000 users, so the complexity of the in-house infrastructure is quite high, which implies some complexity during the deployment process as well. You need to interact with several teams regarding identity management or identity access management. On a small-sized company, it may be quite straightforward. 

We first collected the requirements, which was straightforward. Then—this will depend on the size of the organization—we had five or six people around the required services. They came from Active Directory, the main identity provider, the application owners for service provider integration, and it took them a few days. 

What about the implementation team?

We implemented this solution through an in-house team. 

What other advice do I have?

I rate vIDM a nine out of ten. During the time I worked with it, it was a really nice product, and it was straightforward and reliable. 

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Founder & Chief Operating Officer at a tech services company with 11-50 employees
Real User
Top 5
Integrates well into an Oracle ecosystem, it's easy to use, but the support and setup could be better
Pros and Cons
  • "Once it is set up, it is easy to use and it integrates with most of the products on the market."
  • "The initial implementation can definitely be improved because you have to work on several components to configure it correctly."

What is our primary use case?

We are Integrators. We implement and integrate this product for our clients, as well as provide support to our client who is using this solution.

Mainly, we are using it to provide access to two different systems that the client has. It determines the access levels of people. It tells you who needs how much access and then managing it through that.

What is most valuable?

Once it is set up, it is easy to use and it integrates with most of the products on the market.

What needs improvement?

The initial implementation can definitely be improved because you have to work on several components to configure it correctly. Nowadays, most of the solutions are a few clicks before they are installed and then configured.

Technical support needs improvement, they could be 200% better. The reason that most people are having problems is because of the support they provide.

It's very difficult to engage with them or to get the answers to your queries. The turnaround time is very slow. It needs to be faster.

In the next release, I would like to see the integration with non-Microsoft products as well. 

It takes a lot of time to integrate it with non-Oracle products. 

If you have an Oracle ecosystem then you can integrate it, but if it is Microsoft SQL or any other databases that are being used then it is not interoperable. It works but it takes time.

I would like to see if they can easily integrate with other technologies.

For how long have I used the solution?

I have been working with Oracle Access Manager for a few years.

We are using the latest version.

What do I think about the stability of the solution?

For the most part, it's stable.

What do I think about the scalability of the solution?

The organization that we are supporting has approximately 200 to 300 users.

How are customer service and technical support?

Oracle technical support is never good for OAM.

Which solution did I use previously and why did I switch?

Previously, we were using the AWS based product and Okta.

How was the initial setup?

The installation is not straightforward. In fact, the implementation of OAM is complex, compared to other products, but once it is implemented it is good.

If there are no problems coming in, then it can be done in a few hours. However, if there are some problems then the troubleshooting is a long haul.

We have a couple of engineers to maintain this solution.

What other advice do I have?

I would recommend this solution to others, especially if they are using Oracle products because it is easily integrable with those products. 

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Siddhit Renake - PeerSpot reviewer
Platform Engineer - Linux at a tech services company with 201-500 employees
Real User
Top 20
Easy and flexible integration regardless of the codebase
Pros and Cons
  • "The most valuable feature is that it is simple to integrate, irrespective of your codebase."
  • "This is a costly solution and the price of it should be reduced."

What is our primary use case?

We were evaluating Auth0 as centralized authentication solution for our in-house development. We are searching for the best solution to take care of this because our product development is ongoing, and we want to find just the right fit. Ultimately, we did not choose Auth0.

What is most valuable?

The most valuable feature is that it is simple to integrate, irrespective of your codebase.

What needs improvement?

This is a costly solution and the price of it should be reduced.

For how long have I used the solution?

We had been evaluating and testing Auth0 for between three and four months.

What do I think about the stability of the solution?

It is pretty much stable. We did not encounter any issues with respect to integration and testing.

What do I think about the scalability of the solution?

Considering we are conducting a PoC, we are not able to fully test scalability. However, our understanding is that it scales well.

How are customer service and technical support?

My team was in touch with their counterparts from marketing and technical resources, but because it was a PoC engagement, we did not take it further.

Which solution did I use previously and why did I switch?

We did not use another SSO product before our current PoC began.

Which other solutions did I evaluate?

We have been evaluating multiple single sign-on solutions including Auth0 and Okta.

We run a successful proof of concept but we did not select Auth0 because their entire structure is hosted on AWS, and we are a data center company so we thought that having the backend hosted on AWS was not the right choice for us.

Had this same solution been available as a private deployment then it would have been the right fit for us.

What other advice do I have?

During our exploration and evaluation, Auth0 and Okta were the top contenders from a pure authentication point. My advice for anybody who is considering such a system is to have multiple authentication systems evaluated from a technical point of view, and adopt the one which rightly suits your use case and requirements. Different products have different features sets, but what matters most is that it is purely compatible with your use case. Scalability is probably the most crucial factor.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Single Sign-On (SSO)
June 2022
Get our free report covering Google, Okta, Amazon, and other competitors of Azure Active Directory (Azure AD). Updated: June 2022.
609,272 professionals have used our research since 2012.