We performed a comparison between Microsoft Entra ID, Okta Workforce Identity, and OneLogin by One Identity based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Okta, Google and others in Identity and Access Management as a Service (IDaaS) (IAMaaS)."The boards for task tracking are a valuable feature."
"Installation is straightforward. It only took a couple of hours to set everything up."
"The way the laptops are joined is valuable. We can take advantage of that in terms of being able to log in and do things. It is easier to change passwords or set things up."
"I like that you can run it on-premises. I also like that I can use Azure at any time as the main one."
"Azure AD allowed us to get rid of servers and other hardware running at our offices. We moved everything to the cloud. Once we set up roles and permissions, it's only a matter of adding people and removing people from different groups and letting permissions flow through."
"The self-password reset if it's enabled and configured properly, really helps a company be able to reset rather than getting IT involved."
"The ability to speed up ability is an asset."
"Syncing with our on-prem Active Directory is valuable because we do not have to keep multiple identities for each of our staff members. We can easily evaluate login risks and provide access for SSO via 365 into applications, such as Salesforce, and other things that we run our business on."
"The provisioning functionality has been the most valuable. This solution has good performance, fast integration and is very responsive."
"It has a wide range of MFA options. I prefer "Okta Verify" out of them all."
"What I found most valuable in Okta Workforce Identity is that it worked together with VMware Workspace One, so there was this device check at the same time. My company used the trusted device method that enabled you to define that only the trusted devices including the Workspace One agent were able to access the applications directly without an additional authentication step."
"It is flexible and easy to install."
"We find the solution to be stable."
"The most valuable features are ease of operation and visibility."
"First of all, the solution is very simple."
"The most valuable feature in Okta Workforce Identity is the single sign-on, universal directory, and lifecycle management."
"Once I made the OneLogin ID, it would essentially make user names and passwords for every application that we had."
"The most valuable feature is the ease with which we can manage the sign-on feature."
"Documentation."
"One aspect I particularly appreciate is their exceptional customer support whenever I've needed assistance."
"Ease of integration with AD."
"When it comes to access management, the solution's single pane of glass is extremely important. The single pane of glass for access management enables collaborative work between IT and security. We have access to certain applications that require device trust. Based on the role, we can access those applications through OneLogin Desktop."
"The solution's ability to save and manage of all my passwords is great."
"In my role, the most valuable features are two-factor authentication and self-service password reset. The most helpful feature for the institution as a whole is probably the single sign-on. As an IT director, I care about security and ease of use."
"Its integration with open-source applications can be improved. I know that they are working on open-source authentication methods for integration with open-source applications, but they can make it more open."
"They have had a few outages, so stability is a little bit of an issue. It is global. That is the thing. I know some of the other competitors are regionalized ID platforms, but Entra ID is global, so when something goes wrong, it is a problem because it underpins everything, whether you are logging in to M365 or you have single sign-on to Azure, Autopilot, Intune, Exchange mailbox or another application. If there is a problem with Entra ID, all of that falls apart, so its great strength and weakness is the global single tenant for it. Stability is a key area for me. Otherwise, it is generally pretty good."
"The Cloud Provisioning Agent cannot provision a lot of the information that AD Connect does. For starters, the lightweight version cannot synchronize device information. If you have computers on-premises, the information about them will not be synchronized by the Cloud Provisioning Agent. In addition, if you have a user on the cloud and he changes his password, that information should be written back to the on-premises instance. But that workflow cannot be done with the lightweight agent. It can only be done with the more robust version."
"Whatever business requirements we needed in the past three years, users were created, with the name of the user and they were not connected with the Active Directory. We were trying to in house in three years and with directory, but we were not able to achieve it."
"The SSO MyApps interface is very basic and needs better customization capabilities."
"My problem with Azure AD is that it's designed for medium to large systems, and we're not that large."
"One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level."
"If Microsoft can give us a way to see where this product is running, from a backend perspective, then it would be great."
"There are some issues with the interface that can be improved."
"On the admin side, we can create our own passwords instead of generating one, which is usually difficult to explain to a user."
"There should be automated aggregation and complete classification processes included in it."
"This user integration with the Okta integration network could be simplified."
"SSO and MFA for improved end-user experience, and protection against password spray attacks, account password self-service."
"The product is expensive compared to other tools."
"The initial setup can be complex at first."
"The ability or the options in the solution for changing the look and feel are not good enough because in our partner portal, essentially what they have is an ugly admin interface."
"The tool must be made more robust."
"They have downtime twice a year or once in six months. During the downtime, the SSO page did not come up. When users wanted to get to their email, they were redirected to the OneLogin page, but the page did not come up, and MFA and logins failed. It completely crippled us."
"OneLogin needs to increase the number of connectors available out of the box to connect to the different endpoints. The number of out-of-box connectors should be increased."
"We've been experiencing some pain points since the acquisition. For example, there have been some outages we didn't see previously, which are a big topic with my executive team. You have hundreds of applications relying on this service for login. If the service is unavailable, nobody can log into these applications."
"The solution keeps going down for many hours, which impacts the entire company. You can't access any applications. OneLogin Desktop has a huge problem where it locks your computers and you need to reset the whole computer, which is pretty insane."
"To offboard, you have to manually click on this checklist, each of the checkmarks. It would actually be really nice if, for offboarding someone, you just click "offboard" and it automatically runs a script to do that."
"While I initially used OneLogin's desktop feature to extend SSO, I discontinued it two years ago due to limitations."
"I would like better reporting from SmartFactor Authentication when a user is not able to sign in due to a new location, new IP, new device, et cetera."