We performed a comparison between ForgeRock and One Identity Active Roles based on real PeerSpot user reviews.
Find out in this report how the two Access Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like the intelligent authentication feature."
"The product is easy to set up."
"Installation and configuration are pretty easy for ForgeRock OpenIDM."
"Easy to navigate, handle and manage the applications."
"ForgeRock has CIAM, which other products didn't have, and they have DevOps ready."
"The solution integrates well and it is important for them to keep up with the current trends in the market quickly enough, and they have been doing a good job at it."
"Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process."
"The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users."
"The solution is stable."
"The AD and AAD management features of this solution are really good... They offer added value by showing more fields such as password age and the statuses of some things that we normally wouldn't see."
"Having a tool to manage all changes to AD from a single pane of glass is awesome."
"Another good feature is the change history. It's centralized in a single place and allows us to manage people's Active Directory domains from a central location. We can also drill down into individual objects in a troubleshooting or even an auditing situation. We can show evidence to auditors by drilling down into the individual history. It gives you all the history of what happened around an individual object. That is something that would be almost impossible to do in Active Directory, or extremely complicated."
"Secure access is the most valuable feature."
"It provides automatic provisioning/update/deprovisioning workflows from a source system to a target system."
"The provisioning and deprovisioning saves a lot of time and skips a lot of errors."
"It's valuable to us in that it resembles the native tools that most people have grown accustomed to... Active Roles resembles traditional tools, such as from Microsoft. That is really good because it eases the way people interact with the tool."
"Automatic Deployment needs improvement. it could be made easier."
"They should improve the solution by include reporting."
"The solution's deployment should be made easier."
"We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced."
"The solution could improve by adding more advertising and marketing."
"The identity management model needs a bit of improvement."
"It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
"ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant."
"When doing a workflow, we would like a bit better feedback on the screen, as we're trying to get it to work. For example, there is a "Find" function that you need set up in a workflow to do some of the automation. It is not the easiest to get a result from those finds when you're trying to do that. In the MMC, they have a couple different types of workflows. In this particular case, we use their workflow functionality to find all of X within the environment, then if you find it, do X, Y, and Z. You can have multiple steps. When you do that search function within that workflow, it's really hard to find out, "Is my search working?" It would be nice if there was some feedback on the screen so you could see if your search is working properly within the workflow."
"In terms of improvement, it could be made even more user-friendly for administrators when they need to create new workflows and rule sets."
"The third area for improvement, which is the weakest portion of ARS, is the workflow engine, which was introduced a few years ago. It's slow and not very intuitive to use, so I would like to see improvement there."
"The way you can search groups could be better."
"The user and group management in Azure AD could be better. Our focus these days is dynamic sharing with several on-prem Microsoft applications like SharePoint."
"Another issue we have with the product is that we run a lot of custom tasks. You have to program them to run on one particular host and there's no automatic failover to a second host. If that host is down when a task is supposed to run, it has to wait until the next time it runs when that host is up."
"I've had a difficult time getting it to cooperate with Azure in the cloud and, while the support staff are very good and very knowledgeable, what they assist with just on a call doesn't go deep enough to help with a number of issues. The answer that comes back is that we'd have to start an engagement with Professional Services, which is fine but that takes time to schedule and it takes budget."
"Most of the time it just works."
ForgeRock is ranked 4th in Access Management with 27 reviews while One Identity Active Roles is ranked 5th in User Provisioning Software with 17 reviews. ForgeRock is rated 8.0, while One Identity Active Roles is rated 8.6. The top reviewer of ForgeRock writes "Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI". On the other hand, the top reviewer of One Identity Active Roles writes "Single interface and workflows simplify AD and Azure AD management efficiency and security". ForgeRock is most compared with SailPoint IdentityIQ, PingID, Microsoft Entra ID, Auth0 and Symantec Siteminder, whereas One Identity Active Roles is most compared with Microsoft Entra ID, ManageEngine ADManager Plus, One Identity Manager, SailPoint IdentityIQ and Softerra Adaxes. See our ForgeRock vs. One Identity Active Roles report.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.