One Identity Manager Room for Improvement
In terms of providing a single platform for enterprise-level administration and governance of users, data, and privileged accounts, One Identity is not yet there. One Identity recently bought OneLogin. They already had Safeguard and One Identity Manager. They have started integrating these three tools. I am also on the customer advisory board (CAB) of One Identity, so I have more insight into these things. I know that they started to integrate OneLogin and One Identity just recently. OneLogin is their access management tool. They use it for authentication and for SSO. It is a competitor for Entra and Okta, whereas Safeguard is competing with CyberArk, Delinea, and BeyondTrust. One Identity has indeed done good integration between their three products. However, the platform is not unified. You still need three URLs, which is not optimal. They are going there, but it will take them time.
The second thing they are not yet good at is their SaaS offering. They are behind in the market. They started with something in Safeguard, but it is a pretty basic offering. It is still a new baby. They have Safeguard On Demand, but it is just a hosted PAM solution. I did PoC for Safeguard twice. This is how I know this, but I have not used it. As PAM, Safeguard is a good product, but it is not a full-featured PAM like CyberArk or BeyondTrust. They are lacking in that aspect.
The integration between One Identity's products is similar to BMC's integration. I used to work with BMC products such as BMC Remedy ten years ago. I used to be an ITSM or Control-M guy. When BMC integrated its products, the integration was not well done. It was like two different entities trying to integrate with each other rather than one company giving you a fully-fledged platform. The same thing is happening with One Identity Manager at the moment. They are selling it as a unified platform, but in my opinion, it is not yet good. It is also not bad. There are things that I can take from it, but there is no complete picture. The problem nowadays is that vendors are getting into each other's areas. For example, CyberArk used to be just a PAM provider, so people would integrate with it, but now, CyberArk wants to do the identity bit. It has now become a competitor for other vendors, so they will stop integrating with it. SailPoint, at some point, stopped integrating with CyberArk. SailPoint and CyberArk's integration was good. This is what is happening in the market or between vendors. All of them are getting into each other's area. If you happen to buy another product from a competitor, you need to integrate it on your own. There is no integration plug-in concept between them. This is a bit hard for companies that already have a PAM and they want to buy a new IGA, for example, or vice versa.
They are trying to shift towards an Angular-based platform for their web portal or for IT Shop. That has been very long overdue because they did not modernize their web portal for almost three versions. They are doing it, but there is no feature parity till version 9.3, which is the upcoming version. This is a problem. For example, data governance is not included in 9.2 if you want to upgrade, but if you do not upgrade, you lose support. They have these issues with the roadmap in general. They give you options, but they are not always the complete options. To me, it seems that this company is going to suffer in the long run.
Another issue is that for admin requests, we have to configure the tool at least in seven different clients, which is unacceptable. We are in 2024, not in 1981 or 1985. Having seven clients for the same tool, or more, is just unheard of. To me, that is a very old design idea. I am on the newest version 9.2, and I am still doing that. To me, that is a big problem as an admin.
The relationship with the customers is extremely bad. That is not a technical problem. That is a company problem. They tried to fix that, but it seems they failed. They do not have the personnel. They have a hiring problem. They now rely on partners. They are a type of company where the partner is more of a vendor to you as a client rather than the company itself. If you want to pick any solution by One Identity, you need a very strong partner with you. If you do not, you will struggle with this product's adoption, roadmap, vision, and implementation. We struggle a lot as a client. I have been there. I have seen that. It is not easy with them. One Identity is based in Europe. Our account manager at One Identity resigned in May and till now, just to show how bad they are, we do not know who our new account manager is. We are in August.
Their Starling Connect roadmap or flagship is a failure. We had to withdraw from using it with SuccessFactors, for example. It had a lot of stability issues. Now, my understanding is better, but it caused a bad implementation, so we are not using it. They are not investing a lot in enhancing or extending Starling Connect. They are using Starling Connect as a propagation gateway to SaaS apps so that you have One Identity Manager on-prem talking to Starling Connect which is handling all SaaS apps. However, the roadmap for Starling Connect is not clear. Now that they have bought OneLogin, OneLogin can do that as well as an IAM tool. You can now bring any IAM or CIAM tool such as Entra, Okta, or OneLogin. They can be your propagation gateway. OneLogin and Starling Connect are competing products, and they need to unify them. They cannot have both products doing the same thing. When I discussed this with the head of engineering from their side, they were still defending having Starling Connect. I do not understand why because if you have a proper IAM such as Entra or Okta, that is your propagation gateway. That is it. You can do everything you want with it. You can merge the functionality, and that is it. You do not need Starling Connect. To me, this is confusing. You use a propagation gateway like Starling Connect because it has ready plug-ins to connect to SaaS apps and you do not need to create a custom connector every time. If you look at the number of apps that One Identity supports with Starling Connect, there are not more than 50, which is not a lot. There is a big difference when you compare it to Okta Marketplace or Entra Marketplace. You will immediately understand the difference. OneLogin's marketplace is better than Starling Connect, but OneLogin was not a part of One Identity before, so they had their own marketplace. Overall, the Starling Connect roadmap does not make sense to me.
They need to remove the dependency on VB.NET for backend development and they need to unify the front end. If they are selling it as a unified product, they need to give me a unified UX. This is something I have mentioned to Mark Logan himself. This is how ServiceNow won over Remedy. Having a unified UX and being able to turn on or off a feature is better than trying to connect three or four different products with different contracts. To me, the main thing is that they need to modernize their application. Once we do that, making it SaaS is doable.
View full review »Their support could be enhanced.
There is an area for improvement when it comes to intuitiveness. It has the ability to manage everything and does that fairly well, but that also causes a risk of drowning end-users in complexity. One Identity technology probably has the best way to handle the complexity that you want to tackle as a large enterprise. It can handle any complex use case you can think of, but that is also the thing they should improve on. They should keep it simpler for end-users, even though they are handling that complexity. They should handle all the complexity, but keep it simple for the end users, so the part they need to improve on is keeping it simple for the end users.
View full review »The user interface is good, however, there is space for improvement. Specifically, the way information is presented in the system could be refined so that users are not overwhelmed with technical details. They require more business information. We believe there is substantial room for enhancement in this area.
There is also room for improvement in how we integrate systems. In some instances, we could achieve deeper integration. However, it requires effort, and we must decide if it makes financial sense.
The downside of the product is it is complex and you need an implementation partner to help you develop it. You can't do it on your own.
View full review »Buyer's Guide
One Identity Manager
June 2025

Learn what your peers think about One Identity Manager. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,803 professionals have used our research since 2012.
What is missing is a mobile user interface for the end-users so that they can do simple things on their mobile phones on the go.
The time it takes to synchronize a large target system is often significant, often taking multiple hours. That is something that could be improved. I am aware that it is often due to the performance of the target systems, but it is a problem in day-to-day operations to have slow synchronization.
View full review »There are occasional issues with the UI or errors when servers are not up and running, often requiring a restart from cache memory and other related areas. For instance, I experienced delays while working in India. Canadian or US teams would restart systems in their morning, leading to wasted workdays for us, as we had to wait an additional four to six hours. This lack of 24-hour support is problematic from a testing and development standpoint.
View full review »The One Identity Manager web portal needs simplification. While a new Angular portal was introduced with version 8.2, the knowledge base lacks sufficient information and resources. Even with an Angular developer or a One Identity specialist, a knowledge gap exists due to the combination of AngularJS and One Identity schema expertise required. This makes it difficult to find resources that can effectively utilize the portal, highlighting the need for a more user-friendly interface.
One Identity Manager currently offers Long Term Support only for version 9.0. All other versions have a two-year lifecycle with extended support. For organizations managing a complex environment with numerous connected systems, users, and assignments, upgrading every two years is impractical. Extending support for regular versions by one or two years would benefit clients in this situation.
View full review »The client application should transition to a web-based interface to improve administration flexibility. Improvements are also needed in the analytics, peer comparison, and recommendation features, as these areas were added later and require more development. More flexibility in the portal is needed for multi-tenant environments.
View full review »
The new portal is in a specific technology that is more difficult to program. While it is a specific decision, the customization will become harder. A real SaaS solution could be provided rather than an on-premise product deployed on One Identity Cloud. Although we are not the target for this kind of improvement, a pure web-based SaaS solution could be beneficial for smaller companies.
View full review »
One area for improvement is zero trust. Besides that, performance is a big factor. I've heard from multiple clients that One Identity's front end is not so performance-optimistic. It depends on how you have configured and deployed the system. At the end of the day, I would say that's something they need to improve.
Still, whenever a critical bug is released, they address the defect pretty quickly compared to any other competitors in the market. At the same time, there is a problem with support. They have limited knowledge about things that may affect their tool. You are deploying this tool in a client's environment, and multiple things would impact it, like proxy servers, load balances, other infra technologies.
Because their company is so focused on just their tool and related technology, they can't support you much. At times, it becomes frustrating. While you are paying a little less than your competitors, you expect some support, compliance, or expertise from the company. If a certain load balancer is unable to handle your tool, you should know what load balancer would be perfect or what configuration you should use.
View full review »While we are not currently using privileged accounts, data governance is a concern. Reports and customization are expensive, and the user interface reflects this complexity. We've encountered issues with the cumbersome user interface and slow performance. Unlike products like SailPoint, we have limited control over customizing performance and the user interface. The tools provided for UI customization are not user-friendly.
The UI customization is tricky. The web interface product that One Identity Manager offers is a bit tricky to use, and no extensive documentation is available on how to do the customization.
Their support is inadequate. Raising a query often results in days-long waits for responses. Even when tickets are acknowledged, cases progress slowly toward resolution. Overall, the product lacks sufficient support.
While generic connectors exist, some specialized connectors require additional capabilities. Simplifying the connector process would be a valuable improvement.
View full review »PB
Puneeth Bandi
IAM DEVELOPER at a university with 10,001+ employees
It can have a clearer navigation map of the user interface and user provisioning. The documentation lacks step-by-step details on common tasks like creating roles, running action reviews, and version control. Enhancements could also be made to feedback mechanisms. In development, understanding workflows and integrating ORDM skills with SAP could be improved.
View full review »The platform's user experience presents several challenges. Its complex features and numerous tools make it difficult to understand without significant effort. The web portals and documentation are also not user-friendly, hindering knowledge acquisition.
We must create business roles specifically for the platform rather than due to architectural requirements. While this is unnecessary additional work, it is mandated by the platform. We believe utilizing system roles to grant application access would be more efficient. However, the platform necessitates the creation of business roles on top of system roles for access control, which we find challenging.
The documentation I found in their repository is neither interactive nor engaging. They should include simple examples or sample use cases demonstrating how to use the product for specific features.
For most applications, we must configure connections. One Identity Manager lacks a robust built-in connection system or connectors for diverse target systems. This area could be improved. Consequently, for built-in applications, we must define connections ourselves.
We are using an on-demand version for our client and have encountered some database agent issues. Therefore, the number of database agent issues needs to be reduced.
View full review »IJ
Igor Jovanovski
SME (Subject Matter Expert) at a insurance company with 10,001+ employees
In terms of user experience or intuitiveness, it is in the middle. I personally find it good. Based on the complexity, the vendor seems to have done a good job of providing a web shop kind of experience, similar to eBay or Amazon. You order something in the shopping cart and submit it. Another one approves it and it gets provisioned. It is in the middle because I have seen better and more lightweight interfaces. They are now introducing the Angular portal. There is a new design. It is better, but certain things are still a little bit hidden. It is not yet ideal. Things like attestations or segregation of duties are not that intuitive. People take time to learn. We need to train them on what they need to do. When we generate attestations, the guy who needs to attest does not intuitively know what to do. When it comes to SODs, it is even harder. People are unsure what exactly things mean there. We need to train these people. For core processes like ordering entitlements, they know what to do without any training or reading materials from us. For example, you order a group, somebody approves it, and then you get it provisioned. For such simple scenarios, we do not need to support them, but for the other cases, such as attestations and SODs, we need to write articles on the Internet. We need to do training. We need to actively support them and hold their hands.
The biggest complaint we get from the end users is the performance. When they click or submit something in the shopping cart, all the compliance checks for SOD rules are run. Sometimes, it takes two to three minutes for something to be submitted. It is slow. It has a bit of a bad reputation within the company because it is a slow product. That is the biggest drawback in terms of user experience. Performance has been a problem in the last 10 to 15 years. It is sometimes good and sometimes bad. Every now and there, you hear that performance is an issue.
The user interface could be more streamlined. The overlapping functionality among tools like the Sync Editor, Designer, Object Browser, and Manager needs better delineation. Currently, you have Sync Editor for synchronization. You have the Designer for scripts, procedures, and SQL development, and then you have the Object Browser for raw or low-level data adjustment there. You also have the Manager which is a user or operations management tool. These four tools overlap in their functionality. For example, you can administer schedules in Manager, Object Browser, and Designer. I see a little bit of overlapping there. You also have the Transporter that transports the code. If you open the binaries folder for tool installation, you will see 20,30, or even 40 files there. There are so many small tools for different things. They might have grown over time. They should differentiate a little bit between operations, development teams, and test teams. For operations, they have done a good job of centralizing things in the Manager tool, but for developers and testers, there is a little bit of overlap between Designer and Object Browser. There is one other tool called Web Designer. That one will become obsolete soon with Angular. Currently, some things can be customized by the operations teams in prod and some of the things need to come from the developers. The borderline is not very clear. There are gray areas. They might have fixed these things in the Angular portal.
Another thing that I do not like is that they are mixing useful data and code data in the same data model. Other tools such as SailPoint or Verix Identity are stronger in terms of the separation of useful data and code data, although they have worse data models than One Identity. There should be a cleaner separation between the actual usage data and code data.
View full review »The support model has room for improvement, especially when compared to competitors like Omada and SailPoint, which offer a more extensive global presence and support network.
View full review »Default connectors work fine, but certain connectors, such as SCIM to SAP Cloud Identity Services connector, have quite a few bugs. They are not so great.
Their support can be better. They can also improve testing of their product before releasing new versions. We have had a few critical issues after upgrading to a newer version, which also caused problems with auditing.
View full review »A major area for improvement is Web Designer. If One Identity Manager advances this, it will greatly benefit all customers. Web Designer is based on legacy Microsoft technologies like ASP.NET and HTML. I believe future improvements will resolve performance issues.
View full review »I would rate the user experience a six out of ten. While we have extensively customized the system, it's unclear whether these modifications directly relate to the One Identity implementation. Regardless, we continue to receive numerous complaints from users who struggle to understand how to request or perform actions within the One Identity Manager portal.
The ease of customizing One Identity Manager depends heavily on the user's knowledge of the tool. While customization is straightforward for experienced users, the tool is complex and requires significant expertise. Finding skilled individuals capable of maintaining or developing the system is challenging, particularly in Germany, especially with less than two years of relevant experience.
Implementing the business role functionality has proven challenging. While One Identity Manager offers potential solutions, effectively implementing business roles from the company's perspective is incredibly difficult. Unfortunately, One Identity does not provide tools or support to aid in identifying and designing appropriate roles, hindering the process.
The usability of the web shop is definitely an issue and could be improved.
One Identity Manager could be improved by enhancing connectivity to various cloud platforms, such as GCP, AWS, and Azure, as well as to cloud-based SaaS applications.
Upgrading to a new version is consistently challenging and time-consuming. This has been an ongoing issue for years. While necessary to access new features, upgrading requires complete system updates rather than individual modules. Subsequently, identifying and verifying changes in the new version is incredibly difficult. Our customization process mandates comprehensive testing of all functionalities after each upgrade, resulting in significant labor and time costs, making the overall experience highly burdensome.
View full review »The migration from one version to another requires a huge amount of effort. The user interface could be modernized. The old one is outdated and will be completely deprecated next year.
View full review »There are functionalities we needed to build ourselves, such as cleaning the direct entitlement assignments if inderect exists. The user interface can sometimes be a bit confusing for end users, for example during attestations, as completed tasks simply disappear without indicating that there are no pending requests left any more and therefore end-user is unsure if they have completed all theirs tasks.
View full review »In regards to the front end, the portal that is offered to our users needs improvement. There is room for improvement on that side, particularly in user experience. It is not as intuitive as I would like. If there is something to improve in One Identity Manager, it is the end-user experience.
The database structure is quite complicated. I don't know if it can be improved or if it can. It will probably be a long journey. The most important thing is to think of our customers, and then the user interface is the part of the system that needs some improvement.
We can customize it, however, we need skilled resources to do so. There aren't as many skilled people in the market.
View full review »PT
Pavan TV
Sr IT Specialist at a comms service provider with 11-50 employees
One Identity Manager's slow loading speed has been a recurring issue for users. This is likely due to the overwhelming number of entitlements, nearly 100,000 associated with the products. The high load is further exacerbated by the simultaneous access of thousands of users during peak times. To address this, we have implemented measures such as increasing server RAM, but the underlying issue of product-related entitlements remains a contributing factor.
While out-of-the-box features are typically user-friendly, our clients' customized user account creation and the added complexities of sub-entities and account sub-entities have made it challenging to leverage these features effectively. We plan to phase out these customizations and revert to a more standard configuration to streamline our processes and reduce long-term maintenance costs. Unfortunately, this transition has temporarily limited the availability of certain out-of-the-box functionalities. Furthermore, the extensive testing for our customized system is time-consuming and resource-intensive, as numerous scenarios must be evaluated to identify potential bugs.
The user interface of our web shop, which customers interact with directly, needs improvement. The front end's speed could also be enhanced. This might be related to the infrastructure of our client systems, but I need clarification. Regardless, the front end, which is the customers' primary point of contact, should be redesigned and optimized for a better user experience.
View full review »I would like to see more access management features incorporated into Identity Manager. Modern access management should have some built-in authorization features. Although these are present in the OneLogin platform, the cloud environment is not an option for every customer.
View full review »One Identity Manager needs better documentation and more examples, especially for beginners, as it has a steep learning curve. They have rich forum but it often contain outdated information that could be improved for better guidance. If something is not working, we need to easily find out if it is a product defect.
The interface could be more customizable and developer-friendly. There's a different tool for everything in Identity Manager, so it would help if they could consolidate everything into one or two tools. A developer needs to use three or four tools to do various things, so we need to log in to multiple tools when we make changes. It's a pain if we want to do something quickly, and it's harder for new developers because they have to remember which tool they need for a task. It would shorten the learning curve.
I've worked with two versions of One Identity. The earlier version was heavy on customization. We had mastered that because we were doing customizations. We knew how to change things and had our own SOPs, documentation, etc. In the last year, One Identity changed its UI. That involved a lot of code that is invisible to us, minimizing the amount of customizations we can do. To do some minimal customization, we had to try different things and almost break our dev environment. Once, we had to reset it using the backup because it was not coming up because of all the changes we did. Also, there is no clear documentation
According to feedback from my users, the user experience is more of a mixed bag. Many of my users had problems with the password reset portal. It asks for a CAPTCHA code before they can log in. It's a standard feature, but how the CAPTCHA is displayed isn't user-friendly. People did not like it. We tried to customize and change that as well but had limited options. Aside from that, the normal UI is good, and we have not had much pushback.
While the export and import feature is handy for minimizing gaps in governance coverage, we still need to use separate products like GitHub and other similar tools to maintain consistency between environments. There is nothing built-in to help us maintain configurations across environments. If they come up with something where I can quickly compare both my environments and see the differences, that'll be great.
Identity Manager is good at managing identities, but I don't think it suits privileged accounts. IAM is split into three subdomains: IGA, access management, and PAM. One Identity is sufficient for IGA but cannot handle the others.
The compliance reporting could be improved. One of the key requirements of SOC or any other audit is a snapshot of the system's configuration. The audit requires you to certify that the queries for generating the report have not been changed and that the configuration is the same as it was the day before the audit.
We take screenshots with the timestamp and give them to the auditors. That's cumbersome to do, even if we're only audited once or twice yearly. I take a screenshot and then show them the time to prove that the configuration is consistent. We have built-in processes to take regular screenshots and store them in a secure place for the auditors. It would be helpful if One Identity stores the configuration details as a snapshot. It would also help with any rollbacks or change reviews that the organization might want to do.
View full review »Transitioning from legacy technologies, like for a seasoned web designer moving to Angular, can be challenging and requires dedicated learning. To ease this shift, One Identity Manager could provide reusable components, similar to other systems, which would streamline the learning process and allow for greater customization.
View full review »
The user experience has been a concern in the past, particularly with the web interface, but improvements are expected with the transition to Angular. The support from One Identity is very poor. The response is often delayed and lacks actionable advice, such as suggesting updates without confidence in their effectiveness. It is crucial for them to expand their support team to match their product's success. More comprehensive testing and detailed best practices in handbooks could enhance problem resolution.
View full review »
One Identity can be complex to customize, depending on the scope of the project, the existing system, and the architecture. If the underlying architecture does not suit what the user wants, you must rebuild it entirely by moving data, changing data objects, etc. In a production environment, that can do much harm because these processes and data inputs will change. If the scope is not so robust, you can customize as much as you want.
On an existing project, the standard was kind of poor because they didn't use experienced consultants to do it. You had to consider rewriting a lot of things, changing how the code works, or redesigning processes. These are not hard things to do, but may just take time. Time will always be a major factor to consider when customizing.
The end-user interface is intuitive and easy to navigate, making finding information within the portal simple. However, extensive customization can complicate management. From a technical standpoint, the backend is more complex due to managing multiple client tools for various One Identity Manager modules. While these tools interact, their number can overwhelm new users, hindering their ability to effectively understand and utilize the system. The front end is user-friendly, but the back end presents significant challenges.
One Identity Manager is a complex tool with multiple components and a convoluted backend. Its various clients for managing different tasks can confuse IT and non-IT users. Simplifying the tool and streamlining processes would be beneficial. Additionally, while the out-of-the-box connectors are helpful, incomplete support for certain objects hinders efficiency. Providing full support for all objects would enhance the tool's usability.
View full review »The out-of-scope connection for the cloud data applications could be better. We have to contact the data on the connection center if it's coming out of the process.
The UI may need some improvement, but it's still great. GraphQL Cloud isn't quite visible yet to the end users, and they said there are some issues there because we have lots of users on board, so it takes time to reflect when the approval is going through and who they should contact to get it approved. The smoothness in that UI performance could be better.
The user interface design could be improved, especially during checkout and navigation. The web portal, for instance, can be confusing at times, with buttons and steps not always clearly defined. This can hinder efficient task completion. The portal should include quick guides to assist users, as the descriptions can sometimes be challenging to understand.
I used several cases to ensure consistent governance across test, development, and production servers. While this approach is common with transports and other tools, it's less familiar in One Identity Manager. I found the One Identity Designer more suitable for this task. Therefore, One Identity Manager is not optimal for achieving this goal.
View full review »One Identity Manager's usability could be better. While user experience isn't a top priority for enterprise applications unlike customer-facing ones where ease of use is crucial, there's still room for improvement within the industry standard. One Identity Manager is on par with competitors like SailPoint and Omada, but overall, enterprise applications tend to prioritize functionality over a sleek user experience.
One key area for improvement is implementing continuous integration and deployment. CI/CD automates deployment across environments, streamlining the process and reducing the manual effort currently required. This would move the company away from a slower, waterfall-style deployment process and improve overall efficiency.
The user interface for submitting IT requests could be more user-friendly. While there have been improvements to the look and feel since we purchased One Identity Manager, there's still room for a more customer-driven experience on the end-user portal.
View full review »One area where One Identity Manager could be improved is in database performance. When handling a large number of users, I believe that built-in indexing or other optimizations would be beneficial. This would reduce performance-related resource needs in a production environment. Additionally, it would be helpful to have more visibility into job aspects within the tool itself. Information like the number of jobs in the Data Designer, along with date logs, would allow us to directly manage and terminate jobs as needed. This would lessen our dependence on the database team. I believe that these improvements would streamline operations.
There are a few aspects of One Identity Manager's user experience that could be improved. Users sometimes find it confusing to navigate and understand how to use the tool effectively. As a result, customizing the front-end interface could be beneficial. For example, currently, users need to check multiple reports to gather complete information, which can be time-consuming and frustrating. Implementing a way to streamline this process, such as displaying relevant details directly within the application, could enhance user experience. Additionally, the current system requires manual creation of service catalogs for each application. It would be beneficial to implement pre-configured, out-of-the-box options for common applications like ServiceNow. This would save time and effort for administrators and improve the overall user experience.
While I'm comfortable making back-end customizations, I find front-end customization to be challenging.
It would be convenient if One Identity Manager offered a feature that allows bulk deployment and monitoring with a single click.
View full review »The customization process should be simplified.
View full review »SK
SanjayKumar10
Manufacturing Executive at a manufacturing company with 10,001+ employees
One Identity Manager needs to come up with many more out-of-the-box connectors, similar to Workday and ServiceNow. There's a scope for One Identity Manager to improve itself.
The reporting feature should be improved similarly to other IGA products.
Unlike other solutions, One Identity Manager doesn't have a strong support team.
I consider One Identity Manager as a niche solution because we have a demand for it, but we can't find the proper skill set in the market. That is the highest pain point with this solution. Other vendors, such as SailPoint, Saviynt, and even Oracle and IBM, reach out to people to provide materials and make them aware of their products. This leaves One Identity Manager at a disadvantage.
View full review »AK
Ankit Kashyap
Works at a consultancy with 10,001+ employees
One Identity Manager is a comprehensive but complex solution. Even for developers, gaining a deep understanding and implementing customizations would require significant effort. It is a challenging product to both implement and comprehend.
The reporting and auditing functionalities within One Identity Manager could be enhanced, particularly in the reporting area, which would benefit from a wider range of pre-built reports.
View full review »One Identity's UI is fine once you get used to it, but it's a little harder to learn than its competitors. The font size is too small. You need bigger screens to host that application. The website and portal are fine, but the manager, designer, and other standalone applications used for management or configuration are too difficult to use. The UI should be easier to use, and they should reduce the number of standalone applications to three or four.
Customization is somewhat difficult in One Identity Manager. The problem is they're using VB.NET, which no one uses. There are no resources because One Identity isn't available on YouTube or any coaching institutes.
I also find it difficult to add resources to the business roles because we have to use many options in One Manager for that. We have to add it to the IT shop so that the users can submit requests through the web portal, and we must generate that IT shop structure to add resources to the business. There is a lot of complexity in that.
View full review »It has problems with performance. This is a very serious issue for us. Other than that, it's really capable. The performance is what is missing. It's really poor.
A second problem is the visibility in the search functionality. You don't have flexible search capabilities when you look for either roles or users. You cannot use multiple attributes. The search fields are very limited and that definitely needs improvement.
Also, the interface is really old. From that perspective, it's a six out of 10.
Another issue is that it is really difficult to customize it to our needs. If "10" is super-difficult, I would rate the customization at eight. When it comes to the options, it is super flexible. From that perspective, it is really strong.
View full review »The documentation is poor. For example, the synchronization editor has a lot of things happening, but there's just a description. If you want to do something specific with that like create custom views, they just say go to the extension and select the UUID. However, if we don't have a UUID for this view, it will not work. That isn't in the documentation.
It extends governance to cloud applications and it's complete, but there needs to be more connectors for it. That's the only thing I don't like.
One Identity could add more connectors for various services we integrate. We need to build and configure custom connectors for our clients with complicated environments and multiple data streams.
View full review »One Identity Manager can be made more user-friendly for end users. Out of the box, it can be difficult to navigate through the drop-down menu, especially when it comes to accessing the subcategories.
View full review »DA
Danial Arshad
IT Architect at a consultancy with 1-10 employees
There is room for improvement in terms of the ease of adding custom forms to onboard contingent workers. IT Shop is a great tool, specifically in terms of the self-service mechanism where it allows users to request different accesses. However, there are no prebuilt or easily customizable forms that developers can use to create onboarding forms for contingent workers. In most organizations, contingent workers do not have any authoritative source as HR. The majority of the time, the only authoritative source is the Identity Manager or the Identity Management department itself. I would love to see any enhancement in this regard. For user experience and intuitiveness, on a scale of ten, I would rate it an eight out of ten.
There is no out-of-the-box or very easy way to configure processes to manage non-human accounts. The functionalities that we have built are totally customized on top of what One Identity provided out of the box. It would have been nice to see some out-of-the-box or plug-and-play features available for it. However, the functionality was there, and we were able to scale up in terms of customization. Whatever we did was totally customized.
There should be some ready-to-use templates or utilities as the other Identity product providers have. There should be some sort of features that you can enable or there should be utilities that you can even purchase at extra cost. For example, it would be nice to see the utilities to manage privileged accounts or forms, onboarding forms, or other small things that different clients can leverage, even if it comes at a fraction of the cost.
The overall documentation needs improvement. This product has a lot of features, but people are not aware of it. The depth itself is still unknown.
Skilled resources are very difficult to find for One Identity, which leads us to the conclusion that there is very little certification or free information that users can just opt for and learn. In addition to the documentation, they should also provide more resources. Free training for partners would be nice because being a manager, it is very hard for me to locate skilled resources for this tool.
View full review »The One Identity Manager documentation could be improved. Despite using the solution for six years, I encounter difficulties understanding certain features due to unclear explanations in the documentation. Additionally, while the One Identity Manager community has the potential to be a valuable resource, the community site does not effectively assist all users.
The report site could be improved because while One Identity Manager offers around forty default reports, our customers find them insufficient for their needs. Consequently, we must create custom reports to meet their specific requirements. Although building custom reports within One Identity Manager is straightforward, enhancing the existing default reports would greatly benefit our users.
View full review »Sometimes, when we implement One Identity in the organization, customization has to happen. You cannot skip the customization. You cannot just implement the One Identity model and go ahead with it. However, whenever we make any customizations, the logic of the customization can interfere with the existing logging of One Identity. All such things have to be a bit clear. They have to be well documented. One Identity should provide information about how these things work. This is the only thing. There are some gaps in that, but One Identity is trying to bridge those gaps.
View full review »One Identity Manager's user interface can be confusing due to its multiple UIs. Having worked with ForgeRock Identity Access Management, which has only two UIs for access and identity management, I believe One Identity's interface is significantly more complex and challenging to navigate compared to ForgeRock or other similar tools.
View full review »It's customizable. However, that's also the downside. It's a bit complex and there are so many possibilities. You need to have good developers who know what is standard and how it's meant to be used before they adjust all kinds of stuff. It is possible to configure and change a lot of things and if it's not good enough, you can use custom code.
They should offer more best practices and documentation for every functionality. It would be helpful if there was a demo environment to show the possibilities and how they can be used. That would help with the learning curve.
View full review »SM
User:761226
Consultant at a tech services company with 11-50 employees
Items that can be improved in the solution include pricing, integration, support, and analytics.
The update processes for hotfixes need improvement. There are bugs in the system, and even though there are not a lot, there's no information about it until you happen to stumble upon it and then talk to the support, and then the support informs you there has been a hotfix for that for two months. Users need to be informed they exist in advance.
Integrations are basically always able to improve. They can always have more standard connectors, more prepaid workflows, more templates, and stuff like that. That said, with the standard rest API and C-sharp and power share connectors you can basically do everything that you need to do even with stuff that is not supported.
The product's GUI could be more user-friendly.
One Identity can improve its Password Manager solution for custom requirements. We want to manage different environments, such as test environments, and we want to manage their passwords, but we can't use this solution because their environment does not have its own connector server.
I'm not sure if One Identity already has it or not, but there could be a Privilege Identity Management solution from the vaulting side in the One Identity family.
The user interface can be a bit clunky. It could be more modern.
Its documentation could be better, especially around complex configurations.
Support could be better as it is part of the user experience of the product itself.
View full review »ST
Telaprolu
Software Developer at a insurance company with 10,001+ employees
There is some room for improvement with One Identity Manager. The Metamodel is not developer-friendly, and the web designer customization could be simplified. The report editor tool needs an update as its underlying technology is outdated. Additionally, a stronger community portal for quicker support responses would be beneficial.
View full review »One Identity Manager is an incredibly powerful product, but sometimes people need something simpler. The solution should come up with a lighter version so people can buy different versions. I want to see more analytics and not just analytics in terms of reports but actionable analytics.
View full review »In terms of improvement, the web portal for end-users in One Identity Manager has improved but could still see enhancements. The training for admins is crucial, and once you gather the knowledge, it becomes fairly easy. However, documentation could be better, especially for new features. It currently doesn't cover everything comprehensively, making it challenging to navigate some aspects. Improvements in documentation would be beneficial.
One Identity Manager doesn't provide all the user interfaces we need for business users out-of-the-box. This means we need to customize the web portal to display all the information we want to make available to them.
The ROM control modeling has room for improvement.
The user experience can be more user-friendly.
How One Identity Manager deals with disconnected systems needs improvement.
View full review »The One Identity system is very modular. The product is similar to an erector set, where you can do the same thing in many ways. While this is great, it also can allow you to set yourself up for failure later. The product does require some level of developer skills, so having the ability to make system changes without being a developer would be a plus.
A tool called Analyzer is included to assist with birthright generation. The tool isn't very user-friendly. It would be helpful to have a tool to more easily find common groups across departments or teams so more groups could be managed in an automated fashion.
View full review »The user interface needs to improve.
View full review »One Identity should open the market with accessible training material and content so that more developers can be available. They have to improve their marketing strategy, partners, and vendors. One Identity should be attracting engineers to learn their product and get certified. They should have strong forums. They could have a certification program where any engineer can get certified. However, their overall approach is complex, which I do not prefer.
The platform isn't very intuitive like the others, but One Identity Manager has migrated their review scripting to the Angular framework, so now it's good, and they're competing with others from the UI perspective.
One Identity Manager is a little complex from a development perspective. If you compare it to SailPoint, it is easy, but One Identity Manager has so many separate components that it is quite complex for development. And sometimes, we have seen some performance issues.
JA
Javeed Akthar
IT Engineer at a tech services company with 10,001+ employees
The identity governance components have some room for improvement, particularly the ability to terminate an employee's ID after leaving the company. Customization can be difficult because One Identity uses specified attributes that we must use.
View full review »There are too many different user interfaces. For example, one is the designer and another is the manager. There's also a web interface and an object browser. It would be helpful to consolidate all of those into a single administrator portal.
View full review »I have used One Identity Manager for S/4HANA from SAP, and that was a very complex integration. S/4HANA has a very complex permission structure, and you cannot find the segregation of duty. That means you cannot do policy violations and policy checks. One Identity Manager does not provide a very flexible way to do segregation of duty based on the permission structure of S/4HANA. Doing so is beautiful in SailPoint, which has a more robust way of doing it.
Also, integration with various applications should be made smoother. It is very difficult right now for regular implementers.
Access reviews are another thing that is not that good in the solution. It needs improvement.
Entitlement management is another area where I have struggled a lot, wherein you try to manage the access of users to various applications. It is not that smooth in the solution.
These last three items need to be improved on a very urgent basis.
View full review »End-user UI customization is difficult and requires some knowledge of proprietary Angular technology. Every time a customer asks us: "Hey, can we modify this form in the UI?" or "Can we integrate a new form?" it's difficult to do. It's possible and we usually do it, but coding form changes typically takes two to four weeks, depending on the changes.
There is also a lack of connectors. One Identity has between 10 and 20 connectors compared to SailPoint IdentityIQ, which has about 100 connectors. Quest is improving on that. They do have cloud connectors and you can expand the number of connectors. They know there is a gap. But the connectors One Identity has are the most common connectors among all organizations.
View full review »Using dynamic business roles can degrade the performance of One Identity Manager.
I would like to have better documentation for configuring other Microsoft systems.
View full review »I would like One Identity Manager to offer an easier way for users to learn to use their new features.
View full review »It is a very powerful solution, but when it comes to doing some complex parameterization or authorization, we end up coding. Comparatively, CA solutions require less coding. It is more powerful than the CA solutions, but you end up with coding in VB.Net or C#. Complex parameterization could be better from their side. There can be more documented templates where you can take a piece of code and deliver a specific use case. I cannot find that in the documentation. Sometimes, you can go to the community, and sometimes, you have to use their support.
View full review »I would like them to enhance the search functionality to enable faster processing when looking for objects. Ideally, the system should automatically identify relevant entries and promptly present the results, eliminating the need for users to input search criteria each time they look for specific objects.
View full review »You do need to learn it. It’s not something you get from the beginning. It’s not like Windows. It is more complicated. You need to know a few things from the back end, however, as you learn it, it becomes easy.
View full review »I would like to integrate automated testing with One Identity, and it would be great to have some support from the vendor on here.
View full review »The implementation of the tool and management on the infra side is a bit difficult. They can simplify implementation and management, making it easier for more customers. Other market tools have better implementation capabilities.
View full review »The tools within One Identity Manager are distributed, meaning there is no unified platform that covers all development, configuration, and installation details. Instead, there are separate tools for each requirement, such as object browser designer, manager tool, synchronization editor, report designer, job queue, and DBQueue. While these tools have built-in functionality, it can be tedious to learn and implement them all. This is in contrast to SharePoint, where all requirements related to role management, workflows, provisioning, and connector configuration can be implemented in one portal. In the case of One Identity Manager, different tools need to be used for each respective requirement. For example, the sync editor is used for connector configuration and related synchronization, while the job queue and DBQueue are used for monitoring jobs.
One Identity Manager is currently in the process of modernizing its UI, which I hope will result in a more user-friendly interface for its Identity Manager. However, it is uncertain whether they have plans to consolidate their various tools into a unified system to simplify configuration and tasks.
It is important to note that this modernization effort is a long-term goal, given that this solution has been in the industry for over 20 to 30 years. Despite its age, it remains one of the leading solutions in the market and is recognized by Gartner and other similar institutions as a top solution.
View full review »SS
Srivalli Sristla
IAM Engineering Manager at a construction company with 10,001+ employees
In terms of the policy and role management features, I have a mix of opinions. In terms of role management, it is okay, but I would like to see the product go more towards attribute-based access management. Regarding the policies, it has been okay working for our environment so far, but I would like to suggest some improvement along the front of synchronization. That would be nice.
One Identity Manager has had a little bit of an impact on our cloud-IT strategy. Right now, they run an on-prem solution. Our preferred solution for cloud is Azure. So, we have yet to determine how we want to take this forward, because at this time, we are only using Graph APIs to do some Azure-related actions.
If there could be some connectors for more things, like a Cosmos DB connector, then that would be helpful.
It is a great product. I don't know why it is not so marketable in the US and not used as much in the US as opposed to the EU. Sometimes, I feel like it is very hard to find people because the solution is not as popular in the US. If you need to find new resources, it becomes tough since some people are hesitant to learn a product that is not well-known. It is hard to find some people with exactly this experience because it is not so popular in the US.
View full review »I would like to have more advanced features and reporting added to One Identity Manager.
View full review »The interface can be a bit complex for an administrator to manage. I've used it for a long time; however, for a bit, I was confused. They need to work to make it easier to understand more quickly.
View full review »CT
Carlos Tum
IT Consultant at 4 Rivers GmbH
The user experience is good, but it can be improved. There are a lot of features in the administration part, and they need better documentation. For example, they need to explain the main reason for a feature, and what the tables are in the database. It needs better documentation about all the features that are in the solution.
They have a lot of documentation, not only about the installation processes, but also for the development side. For example, in the new IT shop that is using Angular, there are a lot of functions—more than 1,000—that don't have any information about what they do. The documentation is really important.
Also, the documentation for the Data Governance Edition must be improved.
In addition, when tasks are running in a tree, there should be an order. For example, if we have five tasks in a tree, we should be able to say this one is first, and the next is number two, then three, four, five.
And it's important to have compatibility to use gMSA, group Managed Service Accounts.
View full review »There is a small area inside the administrator's GUI that could be a little bit more organized.
View full review »The product must include SaaS in the future.
The use of the administrative tools is cumbersome because too many are required for configurations. For example, the solution requires master usage of eight different client tools so it is excessive to manage the product. A small fix or deployment requires opening three or four different client tools that are not intuitive or easy to use.
The user experience and interface need additional improvements. Version 8.2 included improvements to the GUI and the inclusion of Angular JS which is better. However, the interface for 8.5 is a bit basic.
Mastery of VB.NET is required to develop using the solution. Most developers use Java or .Net and VB.NET kills the vibe. We have to use VB.NET internally when working within the solution and that really needs to be modernized. To be honest, no developer is interested in learning VB.NET because it is a substandard language compared to newer options.
View full review »A room for improvement in One Identity Manager is its analytics. Though it's getting better from version to version, the analytics feature still needs improvement.
I would appreciate more analytical features in the next release of One Identity Manager, so I can do a better analysis. Another vendor, for example, has a self-certification system where you can send people, then create a type of profile or screen for each person, and the person can see his entitlement and the risks behind that entitlement, so then the person makes a decision on whether he wants to keep or let go of it, and that's an out-of-the-box feature that would be good to see in One Identity Manager.
Another feature I'd like to see in One Identity Manager that would be very interesting is integration with SIEM or any log collection product for both access and usage. For example, I'd be able to see that I have access to a particular application and also get information on how many times I've accessed it in the last year, last few months, etc. It's a feature that would be great to have in One Identity Manager.
View full review »MH
Marc Hotescheck
IT Architect at a tech services company with 501-1,000 employees
The web interface has room for improvement. It could be more performant and the design of the web interface is relatively complicated. It could be simplified.
View full review »The solution can be improved from a front-end point of view. It slows the portal down. The tool is too customized in our organization, and we face many challenges with the portal. We were able to make some improvements performance-wise to the portal slowness. It is particularly slow if you are using it in a large organization.
View full review »Having new features for web developers in the One Identity Manager shop is an area for improvement. Another area for improvement in the tool is its ServiceNow connection as ServiceNow is a major ITSM system player, but the current out-of-the-box feature proposed by One Identity Manager can only make simple incident requests to the system. My company is now in full ICL design, so it prefers for all concerns or requests to be sent properly to ServiceNow, so my company can have better control over the incident requests and be able to sort those out.
The tool fits all my needs today, except for the ServiceNow connector. That's the only additional feature I'd like to see in the next release of One Identity Manager.
View full review »MT
Matt Thomson
Principal Consultant at CyberCX
The blessing and curse with One Identity Manager was its flexibility and the ability to solve business problems in a number of ways. We fell into that trap of over-customization which made upgrading the product difficult. An improvement would be to offer guides on how you should set up a base configuration. There should also be integration guides to key systems like Active Directory.
In addition to that, we had some slowness with the IT shop when we had significant amounts of data, users, etc., in the system and there were some slow database queries that needed to be optimized and patched. This caused some slowness when running Attestation campaigns.
View full review »There is room for improvement to their password self-service tool. We're actually leaving that tool right now because it's just been horrible. We've discussed that with them, but for such an easy functional feature it is lacking.
Number two is their upgrades. We're going to 8.12 right now and everything is running very smoothly but this is actually the first upgrade that has gone off well. Even the other "dots" have taken us six months or longer to get through QA testing. Those are the two key areas for improvement.
View full review »AT
AhmedTaha1
Software tech lead at 1DConsulting
The performance could be better. I also think One Identity could improve its documentation for developers. Many of One Identity's features aren't fully documented. We don't have enough information on how to use them.
View full review »The philosophy behind One Identity Manager has always been that there's not one way of working and that you can set it up according to your own identity and access management philosophy, but what would make it better is by shortening the setup time and the learning curve time. If the team could create some best practices with a wizard to set the solution up within companies, that would be a killer feature and would help make identity access management more approachable. That would also help companies that don't have the resources or a dedicated team to set up One Identity Manager.
What I'd like to see in the next release of the solution is the addition of just released application governance parts. That would sound promising. It would also be interesting if the team sets up best practice startup wizards, so you could set up One Identity Manager according to selectable best practice wizards instead of setting it up completely by yourself.
View full review »One area that could be improved is the speed of performance - it's often a bit slower because of the size of its database.
View full review »My largest issue with the product is the ability to customize the web portal. There is a tool that allows this to happen but it is difficult to use (except for minor changes like logo, color scheme, or basic edits, such as displayed columns on an object. Then, to make it worse, the documentation is not helpful at all in describing what pieces do or how to use them. Even after training, I would not be confident in attempting any large change to the portal.
For certain, this is the area that I think needs the most improvement from the current state.
View full review »EF
Eva Ferk
Identity Manager at University of Maribor
Improve the implementation of additional One Identity Manager’s features. This we are going to focus on after an upgrade to release 8.1 will be finished.
My only complaint about this solution is the price, as I think that the cost of the full user license is a little high.
A feature that I would like to see is a mobile app that provides users the ability to make changes or add users to the Active Directory on the fly.
View full review »MF
Massimiliano Ferrazzi
Senior Manager Global IT Operations at a healthcare company with 10,001+ employees
We are currently on an old system, an old version. We're working on upgrading to the latest version. So when it comes to cloud-IT strategy, for example, at the time we implemented this version it was not yet a consideration. We are now starting to develop this area, and One Identity will play a key role in our cloud strategy.
Most of the issues that we are suffering from today will be fixed with the new version.
The more we have integrations with other systems, for creation of user accounts for different applications, the simpler the scalability and the usability of the system will be. That's what will make our lives easier.
I've seen that in the new version we're going to have connectors related to ServiceNow. That's a huge feature that will be important for us because we're using that system. Salesforce integration, more integration with SAP and with the internet of things would be good.
We also have system devices that we could manage as identities, so that would be a feature to add.
View full review »I don't have my list at the moment, but there are things we would like to have. One of the things we would like is the ability to have more than one system role manager. That would be nice.
For example, when people are on vacation, sometimes it gets a little hard to administrate system roles. Usually, one of us has to change our role to the system role manager. In addition, we have a few systems that have many owners. They could manage the rights and access to their systems with that function.
View full review »This is getting at really detailed functionality, but the system role manager, or some of the roles that are inside Identity Manager, are limited to one user. It would be more flexible if these responsibility roles could be attached to many people. That's an issue for us at the moment.
I would like the ability to have different user accounts and to have a flexible way to order things. For example, if you have a domain with a lot of sub-domains, for the end-user it should be easy to order to these other environments. But you would have to have sub-identities. We have tried to create different kinds of solutions for this.
View full review »RA
Riyas Abdulkhader
Security Architect, InfoSec Consultant at Confidential ( Sensitive Industry)
The support documents and data sheets should be made available to the implementation of folks the product website. There's is less documentation available to the public.
There should be installer version available than a portable/web-portal which will be more useful during the testing.
AE
MrOak
Senior System Administrator at a manufacturing company with 10,001+ employees
Make logging and debugging easier to find, I never quite know which log to turn on for which use case (just for my tools, for the job service user, etc).
Setting up permissions inside the admin tools could be easier, maybe have some roles already created and configurable, like helpdesk needs to view persons, accounts, requests, but not change anything, maybe be able to set delegations etc.
View full review »The web portal can be a bit muggy at times. This is one of the key complaints from our customers. This is a major issue with version 6, and while version 7 is slightly better, I am hoping this is fixed in version 8.
View full review »We would like the product to integrate with ServiceNow, since One Identity Manager and ServiceNow are two of our better tools. An integration between these two tools would be better for us.
View full review »PS
Pascal Stockmann
Consultant at igf-logic GmbH
I am waiting to see the new API for the web.
There are several smaller parts of the tool that have room for improvement. One Identity currently is in the development process of fixing these issues.
View full review »As consultants, it's a very complicated to learn it at first, which makes it hard to find people to work with it.
The Synchronization Editor has to become easier to use for us, as technical consultants, because sometimes it's very complicated. If, as a new feature, there would more connectors out of the box in the Synchronization Editor, this would help a lot.
View full review »JP
Reviewer235911
Product Specialist at a retailer with 10,001+ employees
The tool to develop the web portal needs improvement.
We are pushing out a cloud strategy, but running this on-premise solution, and do not know what steps to take.
View full review »MB
Michael Botek
CEO at IT Design Software Projects and Consulting
The connectivity to the cloud with the cloud identity need improvement. The whole security story in the area of access management along with the possibility to get access is part of this improvement process. This is the cloud access manager (CAM), and it isn't as it should be, but it's a very good long-term solution.
It is important to get the cloud integrated. One Identity is stalling about this in America, and we need it in Europe.
View full review »MS
Miska Siirto
Lead Solution Architect at Tieto Sweden AB
I would like some access management features to be added. We have some customers with a small need to do authentication as a service, and there are other solutions on the market which offer this.
It is a large solution where you need to learn how to work in a certain way for it to provide the best benefit. On the other hand, it's really a structured way so you should work in a structure way, as it is a compliant to other frameworks.
View full review »UY
Umit Yilmaz
Owner at UY IAM Consultancy
I would like better integration with cloud apps, but I just learned this week that there is already a pretty advanced cloud integration. So, what I would like to see is already implemented, but I just need to start using it.
When I first started using it, way before version 7, the manual wasn't comprehensive.
The UX design needs improvement, but I have noticed that people are working very hard behind the curtains to make sure that UX is designed in such a way that the end user is going to have a much easier time using the product in future releases. My ideal was a product designed by IT guys with an IT guy mindset, not without realizing thousands of people in an IT portal would be using the product. Therefore, it took my customers many hours to find the correct links to order something from the IT shop, but I know One Identity is working very hard to improve this as well. If they could improve the UX within the Manager tool, this would be another huge upgrade in just lowering the learning curve of how to use the product.
The UI and user experience side of things needs improvement.
View full review »I would like a more friendly web UI. This is something that they are already starting to work on.
Because of our volume, the monitoring of the solution, several job servers, and DBQs has been very time consuming for us.
I would also like it to have an easier integration with phones.
View full review »BF
Vp841f
VP at a healthcare company with 10,001+ employees
Maybe it is going this way with the angled frame work, but we really want to be able to watch and control things, so we can change things and know what the impact will be.
Most importantly for automatic testing and rollouts, we need an easier way of connecting applications and an easier way of onboarding applications. At the moment, the process is very technical. People associate this as a technical and development thing. In the end, onboarding applications should be a business problem, not a development problem. They have take the technical work out of it. That is why we have to completely custom build a framework. Our work is not about connecting 20 or 50 target systems, as we have to connect thousands, which is difficult to do one-by-one.
The end user experience needs improvement. One of the things the end users complain most about is the shopping cart, because they are not really on eBay or Amazon buying things. They just need access to business applications. Why do they have to click so many times? We probably have around 20 calls a day because a user hasn't got access, not realizing they haven't completed the shopping cart. So, I would recommend removing the shopping cart.
View full review »Better support for version control and multi-threaded development would be helpful additional features.
The support for DevOps could be improved with quick delivery cycles and multiple delivery streams.
View full review »Connections with more clouds systems is already planned. The more that we can use One Identity to connect with other systems to manage all the applications accessed throughout One Identity, the better. I would expect to have more connections and setups to other systems.
Visually, I would like it to be more user-friendly. Version 8 looks visually like version 6, so this still needs improvement in later versions.
View full review »I would like to see a lot more integration with our platforms, more on the connector side. We are still using version 7.1. There are a lot of new features in 8.1, so we will look forward to using that.
View full review »I would like a secondary account approach out-of-the-box, as this would be really useful. Additionally, it would be nice to have more functionality in terms of connecting SAP systems, provisioning user accounts through SAP systems, and provisioning additional attributes.
View full review »TG
Tadej Grebensek
IT Engineer at Gorenje Vertriebs GmbH
There are some good things about the policy and role management features, but you can't really use them to their full potential. A lot of customizing that we have to go through to implement new processes and new customized policies could be better. Though, overall, it is great.
They need to implement a lot of best practices for this solution.
View full review »I would like to have more extensive out-of-the-box reports.
View full review »SP
Samuel Paul
IAM / IGA Architect - Associate Director at PRIZM
When you see the product for the first time, it seems very complicated, but it's not. To improve the product, it should be made to seem simpler when you see it for the first time.
View full review »I would like the sync editor to be able to change labels because currently our concurrent development cannot work on this.
Self-service is important for our end users. However, after three years, people continue calling the help desk, and the help desk is using this solution to make its requests.
The web front-end definitely needs improvement.
View full review »DC
Deepu Chandran
Identity Access Management Specialist at linde
One Identity has a self-service portal but many customers need a helpdesk where they can go in and request. To make that happen we need to do a lot of customization. Maybe that could be improved, but it can be implemented.
View full review »TS
Tobias Stehle
Product Owner at dm-drogerie markt GmbH + Co. KG
We had to customize some stuff in the SAP system, because over the years there has been a lot of customizing in the Identity Manager. It works well, but some features that we would want or that our colleagues are operating and running with the SAP system, we can't really provide, or we have to develop on our own, with One Identity Manager. SAP works well with it, but it could be better.
I would like them to add some lifecycle management features.
They could improve the support.
When you look at the connectors to Microsoft Edge, we think that maybe it could work. However, when we build a hybrid environment, you can't really use the tools that One Identity Manager is providing.
They could make the product more user-friendly. It takes a lot of work to build technical and business cases with the product. The solution is more complex than you think to use.
The API server needs improvement.
RA
Riyas Abdulkhader
Security Architect, InfoSec Consultant at Confidential ( Sensitive Industry)
A detailed solution document to registered aspirants and interested people would help them achieve what they require before its tested and pushed to production. Quest Software should provide notes and documents to customers before they buy the product and license.
View full review »Some internal structures are in place because of already depreciated functions back from the time when the solution was used for software deployment and as a help desk.
View full review »There are too many configuration interfaces. They could simplify the design to not require VB/PS coding to draw the workflows.
View full review »- Implementation of skip logic in user access request forms - this topic cannot been explained easily because it requires a deep dive within the functionality of the Web Portal.
- Lack of integration with RestAPI - the lack of out-of-the-box RestApi connectors creates some difficulties in integration running infrastructure as code, with DevOps operation (CI, CD, VCS etc.) and managing On Premise and external clouds.
There is a need to improve the use case documentation and coding templates. This product has some limitations when it comes to use case documentation. Generally, when we have any different scenario, we need to post in the blog and only then we will get answers.
View full review »- DBQueue processes can bottleneck the system at times. In v7, its apparently re-architectured, and is better. There can be too many of them and they process very slowly, causing actual processes to take a lot more time to complete.
- There should be a way to define fail-over job servers in process steps. Job servers can become a single point of failure.
- Better support for Oracle back end databases. SQL support is good and KBs are easy to find. The same level of support should be available for Oracle if the product claims to support it.
- A better migration tool for v6 to v7 upgrade, especially for the Oracle back end.
- There should be a way to separate out the front end (IT Shop) from the back-end processes. If the submission of a request through the web portal is done and it gets stuck computing something in the back end, the front end control should still be granted back so that the user can continue navigating freely across the site. Currently, if a request is submitted and it is taking time to process, the front end just gets stuck on a spinning wheel (loading wheel).
Buyer's Guide
One Identity Manager
June 2025

Learn what your peers think about One Identity Manager. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,803 professionals have used our research since 2012.