IT Central Station is now PeerSpot: Here's why
Buyer's Guide
Identity and Access Management as a Service (IDaaS) (IAMaaS)
June 2022
Get our free report covering Google, Microsoft, SailPoint, and other competitors of Okta Workforce Identity. Updated: June 2022.
609,272 professionals have used our research since 2012.

Read reviews of Okta Workforce Identity alternatives and competitors

Aaron D Geister - PeerSpot reviewer
Atlassian Administrator at MarkForged, Inc.
Reseller
Leaderboard
Beneficial centralized management, highly scalability, and responsive support
Pros and Cons
  • "Some of the most valuable features of Jumpcloud have been the use of the policies. They have been very helpful. There are modules in there for policies where you can create your own which indirectly are GPOs similar to what you have for Microsoft environments, however, they are only doing registry changes. They are very powerful and useful. Additionally, having your directory and SSO in one spot is another thing that they provide in application management. Adding, removing, and updating applications are in one place for desktop administration."
  • "The querying for users in Jumpcloud could be improved, it is sometimes difficult to use. When you're trying to query a user and you spell out their name, you don't receive that person. Sometimes you receive a list of people with the same first name or last name. This could be better."

What is our primary use case?

Jumpcloud is used for single sign-on (SSO), cloud directory, authentication radius, which I use in multiple places in multiple cases, VPN radius, and network radius. The largest portion would be the directory, it is substituting the need to use the Microsoft typical environment or the Linux environment for the directory. It used to be the only two directory providers available, the Linux side or Microsoft Active Directory(AD). Now there are OneLogin, Okta, and JumpCloud competing with them and they are all cloud-based.

How has it helped my organization?

Jumpcloud has benefited our organization by showing us we don't have to have a Microsoft environment. If you're a Google shop, you can receive similar security that you would have in an Active Directory environment and more, because you have that radius built-in, you don't have to create other servers. You have the convenience of the day-to-day management of endpoints and users, which is all in one place because it does keep track of your devices and your users. Jumpcloud is a little bit more simple than using Microsoft, the simplicity of using it is a large benefit.

What is most valuable?

Some of the most valuable features of Jumpcloud have been the use of the policies. They have been very helpful. There are modules in there for policies where you can create your own which indirectly are GPOs similar to what you have for Microsoft environments, however, they are only doing registry changes. They are very powerful and useful. Additionally, having your directory and SSO in one spot is another thing that they provide in application management. Adding, removing, and updating applications are in one place for desktop administration. 

There are some key features that aren't there that would be possible with an RMM solution, but Jumpcloud is not meant to be an RMM, it's more centered around the directory, radius, and SSO. There are other features available, such as the integration with dual security which is really good. It produces a lot of functions, there are multiple functions and modules that you're using. There are plenty of features that are beneficial, such as insight reporting.

What needs improvement?

The querying for users in Jumpcloud could be improved, it is sometimes difficult to use. When you're trying to query a user and you spell out their name, you don't receive that person. Sometimes you receive a list of people with the same first name or last name. This could be better. 

We had a feature board at one time for requests for features to Jumpcloud. I know Jumpcloud is not an RMM tool, but I think it's very close. It's close to being your whole IT department's one-stop shop. The only thing they're missing is a remote connection tool to its endpoints, alert, and monitoring. 

I want to be able to build my own package deployments and then run them for updates and some other operations. They have good capabilities, but you can't host your files. I would like them to either drop the file limitation or increase it to larger file sizes. This would allow us to be able to host and build out strictly from JumpCloud because right now you have to have an S3 bucket or some other place to load the file data from to do it. Whenever you're scripting, it can be a headache to have to deal with. It would be a large benefit if they allowed us to host our files on their system for deployment.

For how long have I used the solution?

I have been using JumpCloud for approximately three years.

What do I think about the stability of the solution?

They went through a tough year this year with infrastructure and having some large outages. For any SaaS company, stability is the most important aspect of the business, they are a stable solution, but they should be more stable. A couple of years ago Microsoft had a bad infrastructure year and we had a lot of outages. In that year, Google had none. It can start to weigh down the company, I had to make a choice, do I choose Google because I have fewer infrastructure issues and have more stability or something else. Whenever you're faced with this type of issue, you have to make decisions and this is a priority for most users. Do are less concerned about new features, we want a solution that is very stable that we can count on. We know that most of the vendors have outages, but if you asked customers if they would rather have 10 new features or more stability, they would choose stability.

Stability is the most important aspect for anybody in the cloud right now. For us to keep pushing SaaS solutions, and sell SaaS them. Vendor stability is important and what do they deliver to customers as SLA for uptime matters.

The stability ofJumpcloud has become better. We still get notifications when there are issues, but every SaaS company has issues. Jumpcloud has taken this into consideration. We have a direct relationship with the CEO and some of the people that are right below him. I had a direct relationship with him from my business, and from knowing that they took our one-on-ones very seriously is a good thing. They will jump on a call with us even though we are a small client,  and it does not matter the size of our business or what we're contributing to in the world they will take their time to jump on a call and listen to our worries or concerns. They're very personal with their customers. It doesn't matter what level they are in the business, they will engage with you to make things better. When it came to stability, when we voiced our concerns, they listened. The stability has drastically improved.

What do I think about the scalability of the solution?

The scalability of Jumpcloud is amazing. You could have a small business, such as I have, and you could grow over 500 people overnight, and it operates perfectly.

I've had businesses use this solution that was well into the enterprise level, which is usually considered a thousand or more users, and it works just as well as if there are 200.

How are customer service and support?

The technical support from Jumpcloud is great. Everyone that I worked with walked me through whatever issues I had or found a root cause with me to be able to remediate. I've always had a good experience with them and they are fairly fast with their response. The support was good when I was on a free tier when my business first started to get off the ground. I would say that they were very responsive, even though I wasn't on a paid support tier. That shows a lot from their company that they do care about customers, even if they're only recently breaking into the industry. 

Which solution did I use previously and why did I switch?

When I started my business, I did was using purely Google for a while. I have sold and administrated Microsoft for three years prior. I have used OES, OneLogin, and Okta. I've used a lot of different systems that do a lot of the same thing. 

I ended up settling with JumpCloud because of their ease of use and simple management. I could have 10 clients in my MTP, the place I go for management looks the same, everything I do is easily navigatable because everybody's console looks the same. Ease of management and ease of learning are two of the most valuable selling points. You don't have to have a Bachelor's IT degree to be able to use and learn Jumpcloud. They have a university and very good documentation, they've documented their system very well. They have videos for training out there which makes everything simple. If you're looking at an OES, Microsoft, or any other environment, you have to dig into the documentation, you have to do an intensive search for the answers. The age of those older environments is almost going to be gone soon with SaaS. Services, such as JumpCloud, Okta, or OneLogin are making everything more simple.

How was the initial setup?

Jumpcloud is one of the easiest management tools for an environment to set up. However, any SSO is not easy. The APIs and the different portions of SSO authentication and what you need can be a challenge, but it's 10 times easier to implement than having to set up a Microsoft environment. 

If you are a new business it is the easiest tool to get your company going. If you're a small to medium-size business, if you start configuring it while you're a small business, it grows with the business well.

You can usually have a complete environment set up in a day's work easily. However, it can depend on many factors. For example, if you are using all the modules or the base modules, such as directory, users, and SSO. The environment that which it is implemented matters a lot. Many aspects can increase the difficulty level, such as the number of users, and how many desktops. I set up my business in less than two days or a day and a half.

What about the implementation team?

Jumpcloud takes care of most of the maintenance on their end. I do environmental maintenance, such as patching all of the desktop systems. Jumpcloud has the capability to do patching, it does it for you. As far as updates,  the only thing you have to keep track of is your certs. For example, if you have certs with your SSO information or your radius that you're receiving notifications on, you're remediating and updating those as often as they come through. They are either yearly or bi-yearly. The overall maintenance for Jumpcloud is similar to a typical IT functional system where there is upkeep and you have to make sure you clean up old users that have been removed or lost access.  

There's a little maintenance, but I wouldn't say it's heavy. A Microsoft environment is a lot harder to keep track of and maintain than Jumpcloud. I'm not trying to pick on Microsoft, it's the only thing to compare it to. Nobody's using OES anymore on the Linux side. The next biggest competitor is probably Okta, and they have a  different landscape from Okta. Okta and JumpCloud are both awesome. They both have their plus and minuses.

What's my experience with pricing, setup cost, and licensing?

The cost of the solution is approximately $12 per user. However, the cost depends on what modules you're using. They have an all-in-one package and they do have tiers. For example, the more users you have, the cheaper it ends up being in the end too. I know they've done some changes to the pricing model and I haven't been involved in a lot of the licensing lately. I don't know the exact cost at this time.

What other advice do I have?

My advice to others wanting to implement Jumpcloud would be for them to be involved with their representative. All of the people have been very helpful at JumpCloud, and they'll usually help you find the answers you're looking for, such as use case scenarios. They have a JumpCloud lounge, Slack channel and it has been one of the best resources because you have manyJumpCloud administrators that are doing the same thing you do daily. If you can't find an answer, you have peers that have experienced it that can help. 

When Jumpcloud has an outage or when they have system issues, in the JumpCloud lounge, information is reported very fast and their status page is updated quickly. The whole environment that they have there, is very humble and they're customer service based on helping people out as much as possible. It is important to stay involved with the community, stay involved with your representative and enjoy the solution. It is an awesome software to use.

I rate Jumpcloud a ten out of ten.

I'm not married to any software. There are many different options out there, you have to find what's best for your scenario. This solution is great, the ease of management and all the opportunity of administration that it has in it, it is one of the best solutions out there, next to Okta.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
Product Manager/Architect at a consumer goods company with 5,001-10,000 employees
Real User
Top 20
We can see all facets of the business, providing us more visibility
Pros and Cons
  • "It enhanced our end user experience quite a bit. Instead of the days of having to contact the service desk with challenges for choosing their password, users can go in and do it themselves locally, regardless of where they are in the world. This has certainly made it a better experience accessing their applications. Previously, a lot of times, they had to remember multiple usernames and passwords for different systems. This solution brings it all together, using a single sign-on experience."
  • "The thing that is a bit annoying is the inability to nest groups. Because we run an Azure hybrid model, we have nested groups on-premise which does not translate well. So, we have written some scripts to kind of work around that. This is a feature request that we have put in previously to be able to use a group that is nested in Active Directory on-premise and have it handled the same way in Azure."

What is our primary use case?

We run in a hybrid model. We have our Active Directory on-premise directory services that we provide. We basically went to Azure so we could provide additional capabilities, like single sign-on and multi-factor authentication.

We are running in a hybrid environment. It is not completely cloud-native. We sync our on-premise directory to the cloud.

How has it helped my organization?

It definitely has improved our security posture, certainly from providing that second factor of authentication. It provides more visibility. We can see all facets of the business, e.g., when people are logging into our resources. This solution makes it highly visible to us.

It enhanced our end user experience quite a bit. Instead of the days of having to contact the service desk with challenges for choosing their password, users can go in and do it themselves locally, regardless of where they are in the world. This has certainly made it a better experience accessing their applications. Previously, a lot of times, they had to remember multiple usernames and passwords for different systems. This solution brings it all together, using a single sign-on experience. 

Is this specific to Azure? No. We have had other IdPs that gave us that same experience, but we have more apps that are integrated into Azure today from single sign-on than we had previously. Having that one handy "my apps" page for folks to go to as their one source for being able to gain access to all their apps is a much better experience from my point of view.

What is most valuable?

  • Azure Application Proxy
  • Single sign-on capabilities for SAML
  • OAuth integrated applications
  • The multi-factor authentication piece was desirable.
  • Defender for Identity, as of recently.
  • Some of the services, like Microsoft MCAS solution. 

These features offer additional layers of security, which is kind of what we were looking for. 

Some of the self-service password utilities certainly helped, given the scenario of the world today with COVID-19 and lockdowns. We certainly benefited from being able to say, "Have our users changed their password remotely." When they connect to the VPN, then sync them back up with the domain. So, that was very beneficial for us as well.

What needs improvement?

The thing that is a bit annoying is the inability to nest groups. Because we run an Azure hybrid model, we have nested groups on-premise which does not translate well. So, we have written some scripts to kind of work around that. This is a feature request that we have put in previously to be able to use a group that is nested in Active Directory on-premise and have it handled the same way in Azure. That is something that is actively being worked on. 

One of the other things that we felt could be improved upon is from an Application Proxy perspective. We have applications native to SSH, and we want to be able to do app proxy to TCP/IP. It sounds like that is actively on the roadmap now, which was amazing. It makes us very excited that it is coming, because we do have use cases with that as well.

For how long have I used the solution?

I have been using it for a few years now.

What do I think about the stability of the solution?

The stability has been pretty rock solid. For the first time, we have seen some instability over the last month. I know there were some issues with Microsoft in terms of one of their stacks. That was something that they addressed pretty quickly though. We were appraised of the issues by our technical account manager, so we were in the know. We weren't left in the dark when something happened, and it was remediated pretty quickly.

We have about five to six folks whose main role is to manage identity, and that is my team at the company. However, we also have administrators all over the globe, handling service desk tickets, e.g., resetting passwords. There are about 30 or 40 people, if you include that level of things. However, from a global admin perspective, we probably have a total of eight people.

What do I think about the scalability of the solution?

It is certainly scalable. Whether you are connecting to a local on-premise directory services organization, or if you are using B2B and B2C. This is part of the vision: At some point, leverage some of the B2B features that we have appointed to us in Azure, which we don't do today. This is certainly something that we are looking at internally as a potential for moving forward. 

We are managing 7,000 to 8,000 users within Azure AD.

This is room for growth.  

How are customer service and technical support?

We are part of the DPP program. So, we talk to the identity folks at Microsoft on a weekly basis, who are amazing. It has been such a great experience with those folks.

The technical support that we get through the GTP program is amazing. Microsoft Premier Support is pretty good as well. We have called them, but typically we don't have the type of issues that we are calling all the time for. We have a pretty savvy team, and just being plugged into the GTP team has helped us understand new features which are coming out, whether we are part of an active preview or attending an evening where they are doing a webinar to introduce new features to us. The cool thing about that is you do have that line of sight if you need to ask questions or get technical answers. Between our technical account manager and our GTP partner, we do relatively well without having to open too many cases.

Which solution did I use previously and why did I switch?

We had a different identity provider at one point in time. At the time that we were looking at identity providers, Microsoft really wasn't there from a technical perspective. They are there now, far surpassing some of the things that we have done in the past. So, it was a no-brainer for us. We are very much a Microsoft organization. Primarily, it is the operating system of choice, not only for endpoint service, but it was a pretty good deal to move over and leverage some of the licensing and whatnot for our end users.

From an IdP perspective, we had Okta for quite some time. We had some limitations with Okta that we were looking at Azure to handle. I got pulled in kind of mid-project. I am not really sure when the decision was made, or how it was made, but certainly cost was a factor. We were already licensed for a lot of what was needed to go with Azure, where we were paying Okta separate licensing fees. So, we saved money by switching from Okta to Azure.

How was the initial setup?

The initial setup would have been complex if it had not been for being part of the GTP program. We have gotten a lot of value out of that program in terms of cross-training our team members, catching up on any new features that come out as well as any of the gotchas that the Microsoft team has seen. So, those have benefited us quite a bit.

The deployment probably took six to eight months. Standing up Azure and sinking your directory services, like creating a connector, takes minutes. We could stand that up in the day. What took time was taking all of the applications that we have throughout the environment, migrating them across and doing integrations with single sign-on. You need to have conversations with different application owners as well as potentially pulling in some vendors to do some of the configuration. There may be some apps which are not as straightforward as others, but we thought that the experience was pretty straightforward (to a point) where we can handle a lot of the work ourselves.

What about the implementation team?

When we needed Microsoft, we were able to reach out, talk to them, and get the assistance that we needed. That was super beneficial to us.

What was our ROI?

There are a lot less calls to our service desk. For some of the traditional, "Hey, I need to reset my password," or "Hey, I'm locked out." So, we're seeing a lot of that self-service, gaining access to the different apps, and having it all be integrated with Azure will take away some of the headache. For example, "I don't know what my password is for GitHub," or, "I don't know what password is for Slack." We are like, "Well, it's the same password that you use every day." So, that has dropped call volume.

What's my experience with pricing, setup cost, and licensing?

If you have a different IdP today, I would take a close look at what your licensing looks like, then reevaluate the licensing that you have with Microsoft 365, and see if you're covered for some of this other stuff. Folks sometimes don't realize that, "Oh, I'm licensed for that service in Azure." This becomes one of those situations where you have the "aha" moment, "Oh, I didn't know we can do that. Alright, let's go down this road." Then, they start to have conversations with Microsoft to see what they can gain. I would recommend that they work closely with their TAM, just to make sure that they are getting the right level of service. They may just not be aware of what is available to them.

We look to gain new features when updating licensing. Every time we go to negotiate an enterprise agreement, we are looking at:

  • What are the benefits?
  • What are we getting back from Microsoft?

    They are very good at working with us to get what we are looking for in terms of working on packaging for pricing.

Which other solutions did I evaluate?

We did not evaluate other options. The decision was pretty easy. When we initially looked at Okta years ago, Microsoft was also one of the folks that we looked at. Okta was a little more advanced than some of the gallery apps. Then, Microsoft made a huge play and added more gallery-type apps. That helped us quite a bit to move things along.

What other advice do I have?

For others using Azure ID, take cookie online training. They are widely available, free, and give you a very good idea of what path you need to go to. So, if you want to take some professional training to become a guru, then you know what classes to go take and the fundamentals that you need to take before you get into that class. So, I highly recommend taking the video term.

I come from an Active Directory background for more than 20 years. Coming into Azure was actually great. We had somebody leave the company who was managing it, and they said, "Hey David, I know you are working for this other pocket of the business. How would you like to come back to the identity platform?" I said, "Absolutely." So, it was easier for me to come up to speed in several of the advanced areas of Azure, e.g., conditional access policies. We are starting down a zero trust methodology, which has been very exciting for me.

I would give it a solid eight (out of 10). It has a lot of the features that we are looking at. I don't think there are any tools out there that will give you that one magical wand with everything that you are looking for, but certainly this comes close. Microsoft has been working with us to help us through some of the new features and additions that are coming.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Shlomi Cohen - PeerSpot reviewer
System Architect at Skai
Real User
Top 10Leaderboard
Very easy to set up new SAML and SSO integrations with support for all IDPs including Okta and Azure
Pros and Cons
  • "It's a very powerful platform. It has the ability to do the usual stuff, according to modern protocols, like OIDC and OAuth 2. But the real benefit of using the platform comes from its flexibility to enhance it with rules and, now, with what they call authentication pipelines. That is the most significant feature, as it allows you to customize everything regarding the authentication and authorization process."
  • "When they introduced the Organizations feature they did support different login screens per organization. However, they introduced a dependency between this feature and another called the New Universal Login Experience. The New Experience is a more lightweight login screen, but it is much less customizable. For example, today, we are able to fully customize our login screen and even control the background image according to the time of day. We have code to do that. But we are not able to write code anymore in the New Experience."

What is our primary use case?

We use it as an authentication platform for our customers.

How has it helped my organization?

With Auth0, you can stop the effort of having to keep up with the progress being made in the security and authentication world, like better protocols, better encryption, and better ways to connect with other systems. It's all managed in Auth0. At the organizational level, you stop worrying about how to connect Facebook users to your application, or how to connect with a customer's internal authentication system to log in to your systems. These were questions that, three years ago, we decided to develop answers for ourselves, but with Auth0, each integration now comes out-of-the-box, and it's only a matter of configuration.

What is most valuable?

It's a very powerful platform. It has the ability to do the usual stuff, according to modern protocols, like OIDC and OAuth 2. But the real benefit of using the platform comes from its flexibility to enhance it with rules and, now, with what they call authentication pipelines. That is the most significant feature, as it allows you to customize everything regarding the authentication and authorization process. I would rate its flexibility between a nine and 10, out of 10.

For example, one way to authenticate into our system is to log in with Google. Our service is not one that you can simply sign up for through the internet and then start using. You need to talk with one of our technical account managers, sign a contract, and then we start everything for you. So when a user logs in with Google, it means that every user on the internet can log in to the system. We needed to find a way to know if a user was already defined in our systems, and otherwise, to reject him. We wrote a simple Auth0 Rule to get the user's email from Auth0 after he authenticated, and we then use an API in our backend system to check if the user is legitimate. In this way, we filter out all those who are not our paying customers.

In addition, we like the integrations that are built into Auth0. For example, it has a built-in integration with Zendesk. It's very easy to set up new SAML and SSO integrations with our customers, as it supports all IDPs out there, like Okta and Azure, among others. 

Auth0 also has a very rich selection of social connectors that allow users to connect with their social accounts. We mostly use Google, but they support many others. In addition, their user interface is very intuitive.

Lately, it looks like they have been very responsive to customer needs since they brought out the Organizations feature in the last year, which is a very nice feature that helps customers like us to manage our customers. It's targeted at enterprise-scale solutions, allowing us to manage multiple organizations within the same tenant. We are seriously considering migrating to this feature. It's a process, but we feel that it will better support the customer model that we have in Kenshoo. We also need to be able to support customized login screens with different company logos. All of that is supported by Auth0, so this probably would be a much more important feature for us than the rules themselves.

What needs improvement?

When they introduced the Organizations feature they did support different login screens per organization. However, they introduced a dependency between this feature and another called the New Universal Login Experience. The New Experience is a more lightweight login screen, but it is much less customizable. For example, today, we are able to fully customize our login screen and even control the background image according to the time of day. We have code to do that. But we are not able to write code anymore in the New Experience.

We really want to take the Organizations feature, but on the other hand, it is coupled with the limitations of the New Experience. That is why we have put the Organizations feature on hold. It is lacking some customization abilities.

For how long have I used the solution?

I've been using Auth0 for approximately three years.

What do I think about the stability of the solution?

An important feature is the very good availability, the high availability. In the last three years, we have only faced one major outage in production.

What do I think about the scalability of the solution?

For us, scalability is less relevant. Our service is not characterized by millions of users. It's not like Snapchat or Instagram where you need to deal with a massive number of users. In our case, there are a couple of dozen users per customer. We have about 2,000 active users per month, meaning that a huge user base is not the nature of our business. As a result, I can't really say anything about Auth0's scalability.

I do believe that they are prepared for a much larger scale than ours. That's the feeling I get from my experience with the platform.

How are customer service and support?

When we faced problems with Cognito, we opened a ticket with Amazon and the response was horrible. Interacting with Amazon is really bad, especially if you have a problem and you need a fast response. And after a couple of tries, we moved to Auth0. 

With Auth0 you pay more than you do for Cognito, but you also get premium support. That means that you get a reply according to the severity of the ticket that you open, and that reply comes very quickly. Even for normal severity tickets that I have opened, I have always received a response on the same day. And generally, they have been very satisfactory responses. 

The only exception is when it comes to the features that we lack, but that is not something that support can help you with. That is more the type of topic you take to the product management team, and I respect that. I don't expect support to give me an answer or  a solution for everything.

We also have a quarterly talk with them where we can raise any issues or feature requests we have. The support we get from Auth0 is one of the reasons we went with them and one of the reasons that we stay with them.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We had developed something like this in-house some six years ago. Over time, we identified that it was a problem for us to chase the requirements and the changes needed to support more modern authentications, like SAML integrations, multifactor authentications, and other advanced security protocols. So we decided to try to find a vendor that would provide this for us.

How was the initial setup?

The initial setup and deployment of Auth0 was pretty straightforward. But to be honest, we are only using 40 to 50 percent of the features they provide. And when we started, we were only using about 20 percent of the features, only the authentication part of it. Our use of it was fairly simple. 

We initially started down this path with Cognito from Amazon. We wrote the whole integration with Cognito and, about two months into that integration, we found a critical issue that we couldn't live with. We didn't get a decent answer from Amazon about it, so we decided to move on to another vendor.

Auth0, obviously, didn't have that issue. The bottom line is that it took us something like two or three weeks to migrate the whole thing from Cognito to Auth0. So in terms of the setup, that was pretty fast. Even migrating from an existing, competitive service, another IDP, was not that complicated. Again, it depends on how many of the features you are going to use. We decided not to go with features that couple us to the vendor so that we would not be locked in. That is what allowed us to migrate to Auth0 in two weeks.

What was our ROI?

We haven't calculated how much development we have saved by going with Auth0 and whether that justifies the cost of our three-year contract with them. My gut feeling is that it has been worth it, but it's on the edge. I would expect some more flexibility on the licensing, but all in all, I think it was worth it, not having to develop this in-house.

We haven't measured whether we have seen a decrease in customer support tickets due to fewer password issues, but my sense is that maybe there has been a small decrease because the flow is standardized. In addition, we are no longer responsible for sending emails when issues arise or for making sure the email server is up and running, et cetera.

What's my experience with pricing, setup cost, and licensing?

Pricing of Auth0 is a pain point. Their pricing model is very confusing, at least for an enterprise. I don't like their pricing model. I think it's too aggressive. It's not very cheap for a service that only does authentication. There are some cheaper services, and we find the negotiations with them to be pretty tough.

One of the benefits of Auth0 is the SAML integration with SSO and other IDPs but it is priced very high. I would expect this ability to be included, because we pay them good money, and not priced the way it is priced today. This is one of the areas where we are not happy with Auth0.

Which other solutions did I evaluate?

We chose Auth0 after we did some research into other candidates. We looked into Cognito by Amazon because it was the cheapest.

We also looked at Okta, and although this might have changed in the last three years, at that time Okta didn't have a clear strategy to support a large volume of customers. It looked like they were more focused on enterprises and their pricing model did not work with the needs of a customer-facing authentication system. Today they have an offering for that, but three years ago it wasn't like that. 

We also looked at some on-premises solutions, like Shibboleth, but we didn't seriously consider them.

What other advice do I have?

We could manage without Auth0 Rules. We built an architecture in which all the communication to and from Auth0 is centralized in a single service, within our company. We could add this business logic to our service and have the same functionality. But the fact that it's available for us in Auth0 means we don't need to change our code or our service to support it, and that makes things a little bit more convenient. On a scale of one to 10, the importance of Auth0 Rules for us would be a seven.

The biggest lesson I have learned from using Auth0 is that when a company does something very well, you are probably better off using their service instead of trying to do it yourself. Doing it on your own requires investing in the development and the maintenance of it. Also, things change over time and you have to keep up. The policy in our company is that whenever a company does something very well, and it is not our core business, and the price is reasonable, we might want to pay them to externalize that product or service.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
Eric Brown - PeerSpot reviewer
Cybersecurity Director - Enterprise Identity & Access Management at a computer software company with 10,001+ employees
Real User
The day-to-day tasks, running the servers, and making sure that everything is patched is all handled by the platform
Pros and Cons
  • "Aside from Active Directory, anything that is a multi-factor platform is handled through Axiad Cloud. It is critical for helping to enforce usage of authentication devices across our organization."
  • "I would like a more modern look to the portal."

What is our primary use case?

We are using it for PKI and multi-factor authentication through push notifications and OTP tokens.

How has it helped my organization?

The added security has helped us mitigate quite a few breach attempts since the system was implemented.

We are able to realize the effectiveness of our SOC using the platform. Through their analytics, we have found indicators of attempted compromise. The fact that they weren't able to get in because multi-factor was enforced has definitely been advantageous.

At this time, we have not fully deployed a passwordless platform. We are still partnering with them to do this on the actual individual endpoints. However, for our external access, it does help enable passwordless authentication quite well for everyone and every use case, including workstation logon, VPN, and cloud applications. It is very well-received by our users. This is important for us because that is what we are moving towards. 

It enables users to self issue their authenticators and manage them over time in a single pane of glass in a simplified platform.

What is most valuable?

The most valuable feature is the overhead management of the platform. There is less for my team to worry about. The day-to-day tasks, running the servers, and making sure that everything is patched is all handled by the platform. We just consume the service and work with them to refine it, making it even more valuable.

Aside from Active Directory, anything that is a multi-factor platform is handled through Axiad Cloud. It is critical for helping to enforce usage of authentication devices across our organization. One of our requirements to continue some of our contracts is to have multi-factor authentication across all devices accessing the network.

It is extremely easy to enroll a user with “One Click Issuance”. I have had very few calls to the service desk regarding enrollment. It takes a couple of minutes to enroll a user with "One Click Issuance".

Deploying and managing authenticators is very easy, either done by a mobile application or enrollment of an OTP token. It is very simple. This is important to my userbase, which makes it important to me.

Functionality-wise, it is pretty solid.

What needs improvement?

I would like a more modern look to the portal. 

For how long have I used the solution?

I have been using Axiad Cloud for four years.

What do I think about the stability of the solution?

It is very stable. In the past four years, we may have experienced a total of 60 minutes of downtime, which is not much.

What do I think about the scalability of the solution?

It scales seamlessly. In the mornings, when we have our highest user load, the system scales by itself in the back-end to handle the increased user load. Then, during the day, it scales back down to save resources.

We are at 35,000 to 40,000 users. The solution is used and heavily integrated with all our multi-factor authentication entryways. We have plans to expand it to other devices and other platforms as well.

How are customer service and support?

The tech support is top-notch. They really know their stuff. The customer service is just as good. They are very polite and pleasant to deal with.

The tech support is very solid. Whenever we have had an issue, whether it is connectivity or other issues, they are pretty proactive in reaching back out to us. This is sometimes before we even know that there is an issue, letting us know that it might be something on our end or that they are working on something on their end that is unexpected. Therefore, they are very proactive.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Before Axiad Cloud, it used to take 10 or 15 minutes to enroll a user using the HID platform.

We have a long-standing relationship with Axiad. They helped us deploy the original HID solution. Then, we wanted something that was easier to use. That solution was all on-prem. We wanted something cloud-based that had higher resiliency and less administrative overhead. That is where we made the switch to Axiad Cloud.

How was the initial setup?

Anything multi-factor being integrated into an existing environment is complex. However, working with Axiad, it was relatively easy for my team to partner with them and get this deployed in a little over a month for about 30,000 users.

What about the implementation team?

We used Axiad’s service and customer care for the deployment. They were fantastic. They know the regulations just as well as we do. When you are speaking the same language, it just makes everything that much easier.

What was our ROI?

We have gotten the value that we were looking for with a simplified user experience. It took us three months from the beginning of the deployment to see this value.

It has driven down the number of our calls. This, in turn, saves labor hours on both our service desk and on the users. At this point, our calls to the service desk for multi-factor have dropped by about 35%.

What's my experience with pricing, setup cost, and licensing?

The pricing is very competitive for what is offered at the level that we need. They are right there with what the industry standards are. They tend to be a little bit less, in terms of cost, when we are talking about security at government standards. So, I would say that they have a slight advantage on cost compared to the industry average. They are the lower cost solution and the best bargain out on the market today.

There is just the regular purchasing of new hardware tokens, if we run out.

Which other solutions did I evaluate?

We looked at other options for PKI issuance with some of the other big players, Duo and Okta. However, we just felt that the level of security provided by Axiad was superior.

What other advice do I have?

Don't think twice about it. It really is a solid platform and well worth the money you spend. The technical expertise behind the team is top-notch. I would recommend them in a heartbeat.

I would tell someone who has deployed multi-factor authentication (MFA) for most of their use cases, but not all of them, "Hurry up and finish."

We have not deployed MyCircle yet.

I would rate this solution as 10 out of 10.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Flag as inappropriate
Vice President Information Technology at a manufacturing company with 11-50 employees
Real User
Top 20
Simple to use, easy to set up, and performs well
Pros and Cons
  • "The solution is simple to use."
  • "There's a dependency on Microsoft Azure."

What is our primary use case?

We have used the solution for our disaster prevention. We are using it for our VPN only.

What is most valuable?

Right now, we only have a small use case for the product, however, it has performed well. 

The initial setup is easy.

The solution is simple to use. 

The product can scale.

What needs improvement?

I'm not saying that we want to switch the product, however, since the requirement has increased, we are looking at other options that may be better suited. The scalability may not there.

We have a few specific use cases where we have to avoid the cloud. Especially in Europe, we're not allowed to carry their phone in factories. We need some sort of secure access solution. 

There's a dependency on Microsoft Azure. I am paying to SafeNet and in parallel, I also need to pay Microsoft to use the same service. That makes no sense, to pay double. If they could do something about it, that would be very good.

For how long have I used the solution?

We have used the solution for one year at this point.

What do I think about the scalability of the solution?

While the solution is scalable, we are using the solution in a very limited way, we want to be able to use some sort of solution for 20,000 people. This may not suit our needs. The scalability is an issue for us.

How are customer service and technical support?

I've never dealt with technical support. I cannot speak to how helpful or responsive they are when it comes to troubleshooting. We do have our own team that can handle support as well.

How was the initial setup?

We have found the initial setup to be quite straightforward. It's not too difficult.

What's my experience with pricing, setup cost, and licensing?

Their list price is very high, and it's really very difficult to know the right price for such services.

Which other solutions did I evaluate?

Our requirements have drastically changed. Likely, we will need something that can handle a much bigger requirement. If we go to Gartner we see that Okta is sitting at number one and SafeNet, Thales, is sitting at the bottom. That's why we are actually comparing different products. As of now, we are using it only in India, however, now we are looking for something that will suit a global requirement.

What other advice do I have?

We're just a customer and an end-user.

I'd recommend this solution. It's a good product. However, so is Okta.

I'd rate the solution at an eight out of ten. We only use it in a limited fashion. I'm not sure how it would do on a larger scale and I want to better understand their pricing model and if what we are being charged now is fair.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Identity and Access Management as a Service (IDaaS) (IAMaaS)
June 2022
Get our free report covering Google, Microsoft, SailPoint, and other competitors of Okta Workforce Identity. Updated: June 2022.
609,272 professionals have used our research since 2012.