ForgeRock vs Microsoft Entra ID Protection comparison

Ping Identity and Microsoft are both solutions in the Identity Management (IM) category. Ping Identity is ranked #13 with an average rating of 8.0, while Microsoft is ranked #7 with an average rating of 8.6. Ping Identity holds a 4.7% mindshare in IAM, compared to Microsoft’s 0.9% mindshare. Additionally, 92% of Ping Identity users are willing to recommend the solution, compared to 100% of Microsoft users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 1, 2024

ForgeRock and Microsoft Entra ID Protection compete in identity and access management solutions. Microsoft Entra ID Protection tends to have the upper hand due to its superior product offering and robust features.

Features: ForgeRock offers advanced identity orchestration capabilities, comprehensive user consent management, and extensive support for protocols like OAuth and SAML. Microsoft Entra ID Protection provides risk-based adaptive authentication, strong integration with Microsoft 365 applications, and detailed reporting tools.

Room for Improvement: ForgeRock could improve its integration with non-identity tools and enhance simplicity in configuration. Entra ID Protection could refine its pricing structure and expand support for non-Microsoft environments. Both products can benefit from increased customization options to better suit diverse enterprise needs.

Ease of Deployment and Customer Service: Microsoft Entra ID Protection is easy to deploy due to its cloud-based nature and seamless Microsoft service integration, supported by comprehensive documentation. ForgeRock requires more intricate configuration, offering flexibility that suits diverse deployment environments but may demand more setup efforts and expertise.

Pricing and ROI: ForgeRock's initial pricing is more attractive and scales well for large implementations, providing cost advantages in budget-conscious scenarios. Microsoft Entra ID Protection, although higher upfront, offers significant productivity gains and security benefits within Microsoft ecosystems, promising a compelling ROI over time.

To learn more, read our detailed ForgeRock vs. Microsoft Entra ID Protection Report (Updated: June 2025).

Buyer's Guide

ForgeRock vs. Microsoft Entra ID Protection

June 2025

Download the complete report

Helped 856,873 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Omada Identity

Mindshare comparison

As of June 2025, in the Identity Management (IM) category, the mindshare of Omada Identity is 3.4%, down from 3.5% compared to the previous year. The mindshare of ForgeRock is 4.7%, down from 5.3% compared to the previous year. The mindshare of Microsoft Entra ID Protection is 0.9%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Identity Management (IM)

Featured Reviews

Pernilla Hulth

IAM Project Manager (Independent) at a retailer with 10,001+ employees

The interface is easy to use and gives you a solid overview

The cloud-based deployment was straightforward, but the on-prem deployment was in a highly complex ecosystem. Omada has matured since then. I wouldn't say that it isn't straightforward, but it depends on the customer. A standard deployment is relatively easy, but it can be more painful if you need a lot of customization. We deployed the cloud solution in around four months, nearly meeting the 12-week benchmark. The on-prem deployment took three years. It was a highly complex ecosystem that was dependent on other systems. Depending on the size of your environment, you need a product owner and some specialists for maintenance. My last customer was a university with a complex environment. They had around 12 people involved in maintenance at that organization. Typically, it's between 2-5 people.

Read full review

Ahmet Murat Ülker

Devops Engineer and Trainer at a tech vendor with 1-10 employees

Easy to use, but customizations can be complicated to handle

I would suggest others use the product after asking them to consider their use cases. SSO may be a use case for some, and using the product as an IDM tool may be a use case. At the moment, my company is not deploying all the components of ForgeRock itself. My company uses ForgeRock for OAuth 2.0. For example, my company is not deploying the IDM and identity gateway components. You should consider your use case and select the required components for that use case. My company does not use the SSO features of the tool. My company uses SSO to access ForgeRock's AM Console for individual users. My company does not use single sign on features of the product and instead, we use Auth0. I rate the tool a seven or eight out of ten.

Read full review

Mahender Nirwan

Software developer at TAIGLE LLC

Access to other software is just one click away and suitable for big organizations

Currently, we have limited use of Microsoft AD. We only use it to see if user blocks are available. If they are, we unblock the account and get access accordingly. AD has paid access control features. We can add access control over AD. For example, for documentation, we use an Outline tool. It's open source, and we add our company's knowledge base to it. It's an alternative to Confluence. We don't want everyone to have access to all documentation. If I create documentation for my team, only my team should have access, not support or sales. We can add these scopes or access controls over AD. Once integrated, the person will get the appropriate access control features upon logging in. Role-based access control is a great feature of Active Directory.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable feature for us is the ability to set up connectors to various IT systems and offer a wide range of supported connectors."

"The support for the validity of the resources is valuable. The tool allows resource assignments within a validity period so that the managers do not have to remember to revoke the access once the work is done."

"When we started with identity and access management, we cleaned up and skipped 500 accounts. Therefore, there are a lot of people who are still in our system. Using this tool, we have cleaned up a lot of accounts for ourselves as well as our partners and suppliers. So, we can manage everything now."

"As an administrator, we benefit from a lot of functionality that is available out of the box, but it is also configurable to meet our specific needs."

"What I like most is that we can always find a solution, and we can also find the cause when something goes wrong. I like that the most because everything is in one way or another traceable. That is what I like most. I like its reliability."

"We used to have a problem where an employee's access wasn't terminated when they left the company. Now, we have much better visibility into and control over who has access."

"The administrative features and SoD are valuable."

"You can make resources. You can import them from Azure or Active Directory and put them in an application. For example, if there is an application that uses a lot of Active Directory groups, you can make the groups available for people. If they need to access that application, you can tell them the resource groups you have for that application. People can do everything by themselves. They do not need anybody else. They can just go to the Omada portal, and they can do it all by themselves. That is terrific."

More Omada Identity pros

"Easy to customize and adaptable to any environment."

"We create and define the permissions and configurations for the users."

"We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks."

"The support is good and prompt."

"ForgeRock is an extensive product with many functionalities and capabilities, much more than many other tools combined."

"ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations."

"ForgeRock has CIAM, which other products didn't have, and they have DevOps ready."

"Easy to navigate, handle and manage the applications."

More ForgeRock pros

"Microsoft's support is commendable. Their response time is quick, and they handle inquiries effectively, ensuring ongoing support processes."

"The multifactor authentication feature is effective, providing an additional layer of security."

"The solution's technical support offers great assistance to users."

"For me, automatization is most valuable."

"The features we find most effective for identity security include access reviews, two-factor authentication, and modification."

"I use conditional access most of the time."

"The primary and most valuable aspect of Azure AD identity is its ability to function seamlessly on both on-premise and cloud infrastructure, eliminating the need for extensive updates. However, this dual solution can pose vulnerabilities that require substantial support and security measures in the on-premise environment. Despite the challenges, it is currently not feasible to completely abandon AD, especially for companies in the sales and energy sectors. The integration with Microsoft Defender is crucial for enhancing security, making identity and security the primary focus and purpose of Azure AD."

"The solution helps us with authentication."

More Microsoft Entra ID Protection pros

Cons

"There is room for improvement in Omada's integration capabilities, particularly in streamlining complex integrations and enhancing programming logic for better rule management."

"Omada Identity has two main issues that need to be solved or improved the most. One is its setup or installation process because it's complex and cumbersome. I'm talking about the process for on-premises deployment because I've never tried the cloud version of Omada Identity. Setting up the cloud version should be much easier. The second area for improvement in Omada Identity is that it's piggybacking on Microsoft's complex way of having all kinds of add-ons, extensions, or setups, whether small or large, such as the new SQL Server, and it's cumbersome to make sure that everything works. Omada Identity is a complex solution and could still be improved."

"The account management integration isn't bad, but it isn't plug-and-play like Microsoft Azure. You need some deep development knowledge to set up the connectors."

"Documentation can be improved. I have already filed a few suggestions to make documentation more clear and more representative of reality."

"The biggest issue, which is the reason why we are transitioning from their product to SailPoint, is the overall user experience. From a technical perspective, it is a very good product, but from an end-user experience perspective, it significantly lacks."

"Omada could make it a bit more convenient to send emails based on events automatically. Having that functionality is critical for us to maintain transparency."

"When you do a recalculation of an identity, it's hard to understand what was incorrect before you started the recalculation, and which values are actually updated... all you see are all the new fields that are provisioned, instead of seeing only the fields that are changed."

"The web GUI can be improved."

More Omada Identity cons

"In future releases, I would like to see easier integration with other solutions, like facial recognition and KYC solutions with biometric onboarding."

"It should have a better user interface. Its flexibility should also be improved. It is not about simplifying; it is more about flexibility. Each company has its own requirements, and ForgeRock can provide more flexibility in terms of the use of existing modules to implement features for the customers."

"The user interface could be improved as it is cumbersome and outdated. It doesn't have a responsive UI."

"The solution's documentation is not very good, and they do not give more details."

"The identity management model needs a bit of improvement."

"The product's support services in the French language are not free."

"I don't think ForgeRock directly supports integrations with Slack, making it an area where improvements are required."

"Lacks simplified documentation within the tool that requires use of a separate portal."

More ForgeRock cons

"There is room for improvement in the ability for Entra ID Protection to inherit roles and configurations from whatever solution I am migrating from, so that these don't have to be built from the ground up during the implementation process."

"The platform's pricing and scalability need improvement."

"I rate the quality of support at four out of ten because of inefficiencies in the ticket handling process. Tickets often bounce from person to person, requiring the sharing of information multiple times."

"The solution's sync should be faster since it can take about 30 minutes to two hours to complete a simple sync. The tool needs to sync instantly. It also needs to improve scalability, support, and stability."

"The product's initial setup phase is not easy."

"Azure AD could improve by enhancing the availability of specialized courses for security, such as NETSCOUT security or other relevant certifications. It would be beneficial to have specific courses for security, to provide in-depth knowledge and skills related to Azure AD. While there are micro-learning resources available for various concepts, many people in the IT industry may not have the time to go through all the courses to properly configure and utilize Azure Active Directory. Simplifying the implementation process and making it easier for individuals to join a company with Azure AD could also be considered areas for improvement."

"Microsoft has not offered control over how they calculate high or low-risk scenarios."

"There is a lot of confusion around the user interface."

More Microsoft Entra ID Protection cons

Pricing and Cost Advice

"They are positioned at a good price point. They are lower than some of their competitors."

"It is expensive. Fortunately, I had a very good procurement manager on my side, but they are expensive. The closest competitors are also very expensive. You get a full-fledged solution that can do everything you dream of, but you pay for everything."

"The pricing is too high for SMBs."

"It is not cheap. None of these solutions are cheap, but we have good pricing at least for now from a licensing perspective."

"The initial total cost of ownership to implement Omada Identity is not small. The TCO for the implementation is as high as any other solution. However, the cost of maintaining the solution is at par or lower than competitors, including adding more features or maintaining the system after the initial deployment or installation to make sure that they are available for users to use or extending the functionalities of those activities. Those maintenance costs are lower than other vendors, but the initial cost of getting the system installed is still high."

"It is licensed per managed user per year."

"From an on-prem point of view, the cost is quite transparent and reasonable. The direct cost is primarily for licenses and maintenance on licenses."

"Omada Identity offers a reasonable price point, but it will increase as we transition to the cloud."

More Omada Identity pricing and cost advice

"We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years."

"ForgeRock's pricing is more competitive than other products."

"The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end."

"Its price is comparable to other products in the market."

"The pricing of the solution is fair but I do not have the full details."

"It's a bit pricey and could be more competitive."

"ForgeRock is an expensive solution."

"Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more."

"From one to ten, if one is cheap and ten is expensive, I rate the tool a seven out of ten."

"The product cost is on the expensive side."

"Azure Active Directory Identity Protection is not very expensive."

"The pricing is competitive in the SMA segment and runs $5-$6 per user."

"The price of Azure AD is not expensive."

See which vendors are best for you

Use our free recommendation engine to learn which Identity Management (IM) solutions are best for your needs.

See recommendations

856,873 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

16%

Computer Software Company

13%

Manufacturing Company

Government

Financial Services Firm

23%

Computer Software Company

12%

Insurance Company

Manufacturing Company

Computer Software Company

17%

Financial Services Firm

14%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Omada Identity Cloud?

As an administrator, we benefit from a lot of functionality that is available out of the box, but it is also configur...

See all answers

What is your experience regarding pricing and costs for Omada Identity Cloud?

They are positioned at a good price point. They are lower than some of their competitors.

See all answers

What needs improvement with Omada Identity Cloud?

The biggest issue, which is the reason why we are transitioning from their product to SailPoint, is the overall user ...

See all answers

What do you like most about ForgeRock?

The most valuable features of ForgeRock are social login and data protection.

See all answers

What is your experience regarding pricing and costs for ForgeRock?

Our company was considering switching back to Keycloak from ForgeRock, so as to not pay any license fees. ForgeRock a...

See all answers

What needs improvement with ForgeRock?

In the past, I saw that Splunk was integrated with a testing portal, and then it was integrated with Slack. I don't t...

See all answers

What do you like most about Azure Active Directory Identity Protection?

I use conditional access most of the time.

See all answers

What is your experience regarding pricing and costs for Azure Active Directory Identity Protection?

The pricing for Microsoft Entra ID protection is not expensive. It varies based on the company's size and quality.

See all answers

What needs improvement with Azure Active Directory Identity Protection?

I have set up my Active Directory locally for the same domain. However, Entra ID lacks a function to synchronize from...

See all answers

Comparisons

SailPoint Identity Security Cloud vs Omada Identity

Compared 30% of the time

Microsoft Entra ID vs Omada Identity

Compared 21% of the time

Saviynt vs Omada Identity

Compared 16% of the time

One Identity Manager vs Omada Identity

Compared 8% of the time

Ping Identity Platform vs Omada Identity

Compared 5% of the time

More Omada Identity Competitors

Microsoft Entra ID vs ForgeRock

Compared 21% of the time

SailPoint Identity Security Cloud vs ForgeRock

Compared 12% of the time

Ping Identity Platform vs ForgeRock

Compared 10% of the time

Symantec Siteminder vs ForgeRock

Compared 8% of the time

Auth0 vs ForgeRock

Compared 8% of the time

More ForgeRock Competitors

Microsoft Defender for Identity vs Microsoft Entra ID Protection

Compared 43% of the time

BloodHound Enterprise vs Microsoft Entra ID Protection

Compared 11% of the time

Semperis Directory Services Protector vs Microsoft Entra ID Protection

Compared 9% of the time

CrowdStrike Falcon vs Microsoft Entra ID Protection

Compared 8% of the time

Silverfort vs Microsoft Entra ID Protection

Compared 5% of the time

More Microsoft Entra ID Protection Competitors

Product Reports

Buyer's Guide

Omada Identity

May 2025

Download Omada Identity product report

Buyer's Guide

ForgeRock

June 2025

Download ForgeRock product report

Buyer's Guide

Microsoft Entra ID Protection

May 2025

Download Microsoft Entra ID Protection product report

Also Known As

Omada Identity Suite, Omada Identity Cloud

ForgeRock Identity Platform, ForgeRock OpenIDM

Azure Active Directory Identity Protection, Azure AD Identity Protection

Overview

Omada Identity is an identity governance and administration (IGA) solution designed to help organizations manage and secure digital identities and access across their IT environments. It focuses on enhancing security, compliance, and efficiency by automating identity management processes.

Omada Identity offers a robust set of features that streamline identity lifecycle management, access governance, and compliance reporting. It integrates with a wide range of IT systems, applications, and data sources, providing a centralized platform for managing user identities and access rights. The solution enables organizations to enforce security policies, ensure regulatory compliance, and reduce the risk of unauthorized access.

What are the critical features of Omada Identity?

Identity Lifecycle Management: Automates the process of creating, updating, and deactivating user identities throughout their lifecycle.
Access Governance: Ensures that users have appropriate access rights, enabling continuous monitoring and recertification of access.
Compliance Reporting: Provides comprehensive reporting capabilities to demonstrate compliance with regulatory requirements.
Role-Based Access Control (RBAC): Simplifies the assignment and management of access rights based on user roles within the organization.
Self-Service Access Requests: Empowers users to request access to resources through a user-friendly portal, reducing administrative burden.
Integration Capabilities: Seamlessly integrates with various systems, applications, and data sources for unified identity and access management.

What benefits or ROI items should users look for in the reviews when evaluating Omada Identity?

Improved Security: By ensuring that only authorized users have access to sensitive information, Omada Identity enhances overall security posture.
Regulatory Compliance: Helps organizations meet compliance requirements by providing detailed audit trails and reporting features.
Operational Efficiency: Automates routine identity management tasks, reducing manual effort and freeing up IT resources for strategic initiatives.
User Productivity: Streamlines access management processes, enabling users to quickly obtain the resources they need to perform their jobs.
Reduced Risk: Minimizes the risk of data breaches and insider threats by enforcing strict access controls and continuous monitoring.

Omada Identity is widely adopted across various industries, including healthcare, finance, and manufacturing. In healthcare, it helps protect patient data and comply with regulations like HIPAA. In finance, it ensures compliance with SOX and other financial regulations. In manufacturing, it secures access to sensitive production data and intellectual property.

Pricing and licensing for Omada Identity are typically based on the number of users and the specific features required. Customer support is available through various channels, including online resources, support tickets, and professional services for implementation and customization.

In summary, Omada Identity is a comprehensive IGA solution that enhances security, compliance, and efficiency in managing digital identities and access.

Omada

ForgeRock is a comprehensive open-source identity and access management solution designed to meet the unique needs of your users and workforce. With ForgeRock you can orchestrate, manage, and secure the complete lifecycle of identities in any cloud or hybrid environment. ForgeRock allows you to set up bot detection, identity proofing, and risk-based authentication.

With ForgeRock, you can define access policies and automate the management of the identity lifecycle all from a central, easy to use, and graphical dashboard. ForgeRock Access Management allows you to build safe authentication using options like passwordless and usernameless logins, single sign-on, biometrics, contextual analytics, and behavioral authentication. When threats appear, you can swiftly change how your users access your most sensitive applications and provide users with secure access to the applications, systems, and resources they need on demand.

ForgeRock Benefits and Key Features

Elevate your security and efficiency: Consolidating your legacy systems under one single platform provides reliable, unified control over all your user identities and access-related policies. ForgeRock Access Management also supports scaling existing policies for application onto new setups.
Passwordless authentication: Implementing passwordless authentication is simple with ForgeRock Access Management. You can easily replace user-selected passwords with other options, such as easy multi-factor authentication, biometrics, and SSO.
Identity governance: ForgeRock Identity Governance is a modern, AI-driven identity governance solution. By leveraging ForgeRock generated analysis reports, you can identify and apply appropriate user access, automate high-confidence access approvals, recommend certification for low-risk accounts, and review high-risk and inappropriate user access privileges. In addition, you can grant and enforce access to systems, applications, and infrastructure according to established policies.

Reviews from Real Users

ForgeRock stands out among its competitors for a number of reasons. Two major ones are its robust identity and access tools and its being easy to manage and scale with one central dashboard.

PeerSpot users note the effectiveness of these features. A technology solutions leader at an outsourcing company writes, “We need it for multiple clients, multiple implementations. Not all of them are necessarily a multi-tenant solution. We need a very versatile solution that can do a lot of work, but from a single instance that we can centralize authentications and we don't duplicate the efforts and that's where ForgeRock seems to do better.”

Mohamed B., a cyber security consultant at a tech company, writes, "Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users. ForgeRock secured our system so that it is accessed only by authorized people, and it implemented the SSO."

Ping Identity

Microsoft Entra ID Protection enhances security with advanced identity controls and seamless integration across environments. It ensures robust protection via multifactor authentication and single sign-on capabilities, safeguarding enterprises' sensitive information efficiently.

Microsoft Entra ID Protection offers comprehensive identity management and privileged access management features, making it critical for businesses transitioning to hybrid models or cloud solutions. Utilizing multifactor authentication, single sign-on, and security policy creation, it excels in securing access across both on-premise and cloud platforms. By integrating with Microsoft Defender, it enhances security measures. While it is highly effective, areas for improvement include identity labeling, password management, and more straightforward third-party integrations. Expanding access to Mac devices and simplification of the licensing model are also areas to be addressed for improved scalability.

What are the key features of Microsoft Entra ID Protection?

Granular Identity and Access Control: Tailor access permissions to enhance security measures.
Robust Authentication: Implement multifactor authentication for superior identity verification.
Seamless Management: Manage identities across on-premise and cloud environments effortlessly.
Conditional Access Policies: Enforce specific access rules based on predetermined conditions.

Why should users value Microsoft Entra ID Protection in their evaluations?

Operational Efficiency: Simplifies identity management with single sign-on.
Extensive Security Capabilities: Provides comprehensive protection for sensitive data.
Enterprise Focused: Tailored for use in complex organizational structures and transitions.
Integration Capability: Works closely with Microsoft Defender to enhance security measures.

In industries such as finance and healthcare, entities leverage Microsoft Entra ID Protection to maintain stringent access controls, optimize privileged access management, and facilitate smooth transitions to cloud environments. They utilize its integration with Azure AD to ensure comprehensive identity protection while aligning to compliance requirements specific to their fields.

Microsoft

Sample Customers

Bayer, ECCO Shoes, Vattenfall, NuStar Energy, Unicredit, Schiphol Group, BMW Group, Deutsche Leasing

Geico, Thomson Reuters, Salesforce, McKesson, Trinet, SKY, BNP Paribas, Deloitte, Capgemini, North Western University

Information Not Available

Buyer's Guide

ForgeRock vs. Microsoft Entra ID Protection

June 2025

Free Report: ForgeRock vs. Microsoft Entra ID Protection

Find out what your peers are saying about ForgeRock vs. Microsoft Entra ID Protection and other solutions. Updated: June 2025.

DOWNLOAD NOW

856,873 professionals have used our research since 2012.

See our ForgeRock vs. Microsoft Entra ID Protection report.

See our list of best Identity Management (IM) vendors.

We monitor all Identity Management (IM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.