The best feature of this solution is its flexibility to be customized. It is like a framework. You can customize it very far from its core functionality, and it will still work.

The second best thing about the product is that it is rich in concepts of orchestration and event-driven architecture. It works well if you have a development team. For a team that has developers with VB, .NET, or C# skills, it is a very good product.

Another thing that is good about this product is its stability. In general, it is very stable. It does not go down that easily. It does not crash frequently. Especially since version 7 or 8, accessibility has been a very good factor. These are the main aspects that make it one of the best products.

View full review »

What I like the most is the flexibility or configurability. It is not like you are writing huge lines of code. It allows us to handle our very complex enterprise use cases, and we have many of those. We have a lot of scenarios where we need to do things internationally or slightly differently per country, or need to comply with specific regulations. It gives us a lot of flexibility to meet all those needs while also being able to accommodate our enterprise processes. It allows us to shift the tool to work for us instead of needing to change the organization to follow a piece of technology.

View full review »

I like the workflow engine and the deep integration with SAP products, including SAP authorizations. In the market, there aren't many products that can deliver this feature. The possibility of customizations is a significant aspect that makes this product stand out from others. 

Additionally, the number of connectors they support is commendable. Reducing the number of authorizations given to people on average is beneficial. Previously, individuals had accumulated authorizations as they moved between departments over their careers. 

Now, there's an attestation process when a person moves to a new department, allowing managers to decide on reassigning authorizations. This has led to fewer authorizations being assigned, which is one of its most important benefits. Moreover, the time taken from an authorization request to an assignment has also been accelerated.

One Identity Manager connects SAP accounts to employee identities under governance. We have an HCM connector, and we have built up the complete life cycle of an identity. TThis means when a person leaves the company or has a transition to another department, we also have processes implemented that we take care that they lose the authorization.

The solution provides IGA for difficult-to-manage aspects of SAP, like profiles, rules, etc. We use transaction codes and activities, and so on, on the lowest sub-authorization level for segregation and security checks. We assign roles, composite roles and single roles.

In terms of user experience and intuitiveness, there is always an issue from one product to another. In the beginning, the users may find it a bit complicated. However, they get new functions and a fancier UI. Overal, it provides a good impression.

It's easy to customize. The product has a huge number of possibilities or ways you could go. That said, you need good knowledge of the product. It's complex. This product needs a deep understanding of how the product works and how the implementation needs to be done. You need an external partner with good experience.

We make use of the product's business roles. We try to catch 80% of the authorizations so only 20% of authorization would need to be requested. 

We have connected cloud applications, including SAP cloud systems. These extensions to governance are very important. They need to be integrated. Our aim is to integrate every system where management takes place under one solution. 

One Identity Manager helps minimize gaps in governance coverage among test, dev, and production servers. Now, we can identify when users have no need anymore to have certain authorizations on a special system or special groups. Our user life cycle takes care of this. When they are not in the department anymore, they won't have access. It makes access to special systems more secure. 

It does help with licensing. If two licenses are similar, we can look at the settings and make sure that users are getting more licenses than we need, and when they leave, the license can be removed. It helps save license costs. 

The solution helps with application auditing and compliance as well as access decisions. 

We've been able to achieve an identity-centric zero-trust model. We have other applications around this, however, we are able to give authorizations only to one person and so that no one has more than they need to avoid security risks. People only get authorizations to that which is a user's core functions. 

We have more complex approval processes for normal authorizations. 

View full review »

It is very comprehensive. There are a lot of features in the product. The strong points are that you can model your organization in One Identity Manager and create roles. There is a Webshop where end users can order permissions and accounts. These are its strong points.

View full review »

From an end-user perspective, it is very easy to use. There is no need to follow extensive documentation; you just need to go through the process while raising a request. From a developer's point of view, self-practice is essential to grasp the necessary tasks, as initial use might be confusing. The first time, you have to use the documentation. Once you are familiar with concepts, it gets easy.

View full review »

Having worked with SailPoint and other identity management tools, I've found One Identity Manager to be quite handy, especially after seven years of experience with it. The framework is robust and flexible, allowing companies to easily adopt and extend the schema as needed. Unlike other tools I've used, One Identity Manager offers a high degree of customization. Even if the out-of-the-box templates or processes don't meet our company's specific requirements, we can readily adapt them, modify them, and build our own processes and templates.

View full review »

One of the most valuable features is the ability for business people to input their knowledge about business processes directly into the product. It's a good tool for anyone familiar with business or technical administration. The shopping cart capability for requests and the catalog features were also initially valuable.

It's the best product for providing an enterprise view of logically disconnected SAP accounts. Sometimes, it's doing better than the SAP IG, which probably got discontinued or will be. One Identity Manager helps us connect SAP accounts to employee identities under governance. It is critical because there's no such thing as just SAP, and you want to centralize. You have Active Directory, SAP, and all the cloud applications. Every product has its user accounts, and One Identity allows you to connect them all in one place.

One Identity Manager provides IGA for the more difficult-to-manage aspects of SAP. It lets you do many different things and go as deep as you want. The solution has a whole library of specialized SAP workflows for provisioning. 

You can build a customized web interface that you can do whatever you want with. The out-of-the-box interface for administrators or anybody else can take a little time to understand. It depends on the user's maturity. You must understand what's happening before touching the product. If you have experience using Identity Manager or similar tools, it's highly intuitive. It has so many features that it takes time to adopt, but that's not because it's difficult. 

The business roles are fundamental to role-based access controls. If you don't know how to build roles, it's very hard to do. One of the advantages of this particular product is that you don't have to be a technical person to build the role. You can log in as a business owner with a newly created project and add entitlements, users, or criteria. You can do it manually or using a formula. It's easy to do without any code. 

View full review »

One of the best features of One Identity Manager is its high level of customization. Since deployment, the solution has been tailored extensively to fit our specific needs. Its out-of-the-box capabilities are commendable, allowing for evolution and integration within an on-premise environment. For us, being able to customize the product to our requirements has been incredibly valuable, turning it almost into an in-house solution. View full review »

My favorite feature is the ease of customization. You can change, optimize, and update it at your convenience. I haven't seen that in many other products available.

We use One Identity Manager to connect to SAP IDM. SAPconnect target systems are integrated into One Identity Manager, and we've made several SAP connections we have made with One Identity Manager. The solution connects with Snow, which you can use to manage your disconnected systems. 

Most clients I have worked with prefer a custom approach. So some prefer Snow, some prefer some other IDM tool with which they want to manage their disconnected systems. So, yeah, you can say yes and no, to be honest. Like, yes, there is a functionality that has been provided, but it's not very matured enough. So that's why I believe clients tend to be a little customized on that front.

One Identity Manager connects SAP accounts to employee identities under governance. That's completely autonomous. Once the target system connection is made, the product is available in the IT shop web frontend. You can order it from there. One Identity Manager handles it by itself. You can customize, but usually the vendor has created an out-of-the-box functionality to do all these operations.

The solution provides IGA for the aspects of SAP that are more difficult to manage. With One Identity Manager, the good thing is that you can customize. In most of the clients I have worked with, the T codes or different custom SAP tables were later introduced in a greenfield project, you don't see these custom tables more often. Out of the box, the SAP connector gives you around 32 to 36 tables in the SAP target system that are more generic tables, but there are custom tables about the T roles or the special attributes. You can customize your connector accordingly, so there is an XML parser provided in the sync editor. You can use it to achieve all those operations.

I'm unfamiliar with SAP-related workflows because clients don't have any specific SAP workflow. They have their own workflows, and One Identity Manager is configured for various product approvals. That's how they are managed. If you want to create a customized workflow, whether it's SAP HANA or any other product-specific workload, you can easily create it.

One Identity Manager provides a connection with Snow, where you can manage your disconnected systems. Most of the clients I have worked with prefer a custom approach. Some prefer Snow or another IDM tool to manage their disconnected systems. There is functionality that has been provided, but it's not mature enough. I believe clients tend to be a little customized on that front.

It connects SAP accounts to employee identities under governance. It's completely autonomous. Once the target system connection is made, the product is available in the IT shop web front end. You can order it from there and everything. One Identity Manager handles it by itself, so you don't need to customize it, but the vendor is given an out-of-the-box functionality to do all those operations.

One Identity offers a single platform for enterprise-level administration and governance of users' data on privileged accounts. The good thing is that much of the functionality comes out of the box. You don't need to customize if you don't want. In a greenfield project, this tool is optimal for those purposes. If the user number is around 1 million or under that data scale, it's a good tool to run on from the IGA perspective. With One Identity, they don't want to focus on IGA. They want to expand the horizon of cybersecurity. There are native tools like Safeguard and others. You can even integrate your PAM accordingly with your IGA and IAM.

There are two types of interfaces in One Identity. One is the phased-out interface, which was known as a web designer. This is getting phased out with Angular now. Angular was one of the lagging points where the user interface was not up to the mark with the out-of-the-box functionalities. Many customers had to customize heavily to get a level of intuitiveness. Now, Angular's web portal has been notched up. You get AI suggestions, IntelliSense, and lots of fraud detection out of the box, like threat level. It's been improved in the recent version, and it's been working phenomenally well.

Business roles are used extensively, and custom implementations are done over business roles. The number of cloud apps I would be telling is a little less because their Starlink connector still hasn't matured enough. It's still not a high-performance tool, but it has the capability to do so.

Nowadays, every organization has almost at least a few apps in the cloud. It's important even if the organization is heavily based on on-premises infrastructure. With this tool, you get so many things that work with this cloud infrastructure, it doesn't let you down completely. When you compare the performance of this with a native PowerShell connector or SAP connector, for example, you feel that the performance could be enhanced a little bit. It's something that is becoming mature in the latest versions. I'm confident they will improve it further in the upcoming versions.

View full review »

The SAP integration is One Identity Manager's most valuable feature. It offers a strong, out-of-the-box integration that is easy to implement, a significant advantage over many other products that often lack this integration component.

View full review »

One Identity Manager offers identity-centric security, acting as a single source of truth by centralizing identity data for users, devices, and applications. It supports role-based access control and automatically assigns and reworks roles to minimize privileges. 

The solution integrates multi-factor authentication, enforcing stronger measures and requiring identity verification for accessing critical resources. It continuously monitors user behavior in real-time, triggering automated responses, and manages secure access for both on-premises and cloud applications using protocols such as SAML.

Additionally, it facilitates RBAC, provisioning and de-provisioning, certification campaigns, onboarding various applications, audits, and reporting with segregation of duties.

View full review »

One Identity Manager provides a wide range of features that enable connection to numerous target systems. It also includes built-in capabilities to automate user onboarding and offboarding processes.

One Identity Manager offers numerous features, including role management. We can create custom bot-specific roles, integrate with external systems, and grant users access upon onboarding within our system. The tool's automation capabilities are particularly valuable. They allow us to schedule tasks for execution at specific times, eliminating the need for manual intervention.

View full review »

I like the provisioning feature of One Identity Manager. It is very powerful and flexible. It works at a very high level, but it can also be tailored as per needs. They have something called Sync Editor. I personally like that one because I have a developer background. Currently, I have more responsibility within the company for this feature. I am one of the six subject matter experts (SMEs). My area is the reconciliation part. 

Compliance with BaFin requirements is very important for us. If we do not fulfill them, our license can be retracted. If we do not fulfill these requirements, it is not good for the company. We use the identity life cycle. We use provisioning extensively. We use attestations, recertifications, and SODs. We need all these equally to fulfill the BaFin requirements.

View full review »

One Identity Manager is a comprehensive identity management system that encompasses employee identity lifecycle management, certification, and segregation of duties. It ensures high security through multiple approval processes, preventing unauthorized access and enhancing compliance by providing time-based access for privileged accounts with proper audit trails. Additionally, it streamlines application access decisions and extends governance to cloud applications.

View full review »

It is highly customizable, a feature that influenced our company's decision. We can easily customize it.

I find it user-friendly. Once you have some experience, it demonstrates best practices and guides you on the correct way to use the tool. 

View full review »

In One Identity Manager, I appreciate the Synchronization Editor for onboarding different target system applications. We have various connectors that allow customization. For instance, the Windows PowerShell connectors can connect to different services such as RESTful services, SOAP services, and Windows services. I like how data flows from the target system applications to One Identity. We explore technical aspects, write functions in PowerShell, and connect with APIs. 

Another interesting feature is attestation, where we review and re-attest existing employees' rights. We create attestation policies, workflows, and schedules.

View full review »

It's difficult to identify the tool's core value because, initially, it seems to do nothing out of the box. Essentially, it's a framework that requires customization to align with specific processes. Nevertheless, its greatest strength lies in its ability to serve as a foundation for identity and access management processes. Standard functions like initiating workflows or requesting approvals are essential but expected. The tool's true advantage is its flexibility; it provides building blocks that can be easily assembled to create custom processes, much like constructing something with Lego bricks.

View full review »

One Identity has the biggest out-of-the-box functionality set. I've worked with other platforms like SAP that have a lot of features, but One Identity Manager is on top. 

One Identity provides an enterprise view of the more logically disconnected SAP accounts. It has the strongest SAP connector on the market and it can fully replace SAP centralized administration. It connects SAP accounts to employee identities under governance. One Identity is the only solution that offers IGA for the harder-to-manage aspects of SAP on a deep level. 

It has out-of-the-box SAP workflows and allows you to customize workflows, but you need an SAP specialist to handle these customizations. One Identity provides a comprehensive perspective for governing identity and access processes, reports, compliance stuff, etc. 

One of the biggest challenges organizations have is setting up borders with other processes and enterprise applications like ServiceNow. You could handle these processes, but it would make no sense. A typical example for better understanding is the joiner-mover-lever process of an employee and the topic of hardware where an employee gets their notebook, mobile phone, etc. These are something you would not challenge in a solution like One Identity. 

It can be easy to customize depending on the integrator's expertise. It has many out-of-the-box functionalities, but it also provides full flexibility to customize it. You can do it the right way or the wrong way, and this depends strongly on the integrator's knowledge and expertise. You can build on out-of-the-box elements or code everything from scratch, but this is not recommended.

One Identity's business roles are one of the most critical features. They enable you to reflect the entire entitlement structure up to the manager abstraction layer. For example, you can form a role for marketing and assign access to everything people in the marketing department need to do their work, including all the entitlements on the Active Directory and Azure levels. 

You can also assign a role to the IT shop, so people can request roles through the UI that are automatically assigned by the marketing team. Without these role functionalities, people would need to know the exact entitlement they need to have for the work, or someone from the service desk needs to know which entitlements are required. 

That adds additional pitfalls when you are not using roles properly. People can choose the path with fewer obstacles. They can find the people in the marketing department and copy-paste the entitlement, which might be a way but not the correct way when it comes to audits and revisions.

We have started extending governance to cloud applications in the past two or three years. It has challenges because it strongly depends on the cloud applications and especially on the API end endpoint. The connection is done technically on the API level, so you are strongly dependent on the restrictions of the API.

View full review »

Since I am placed in the business organization, I see smooth processes for joiner, mover, and leaver, and a compliance perspective. We are getting cost savings by automating system integrations. Previously, people handled access rights manually for each system. Now, after integrating about half of our systems, we are saving approximately three FTEs, and expect it to double. Line managers can see team members' access rights and do attestations in one view. We have integrated requesting of access rights also to external systems via the web portal to remind leaders about access rights management also for leavers and movers. Automation of these processes improves security and compliance by meeting auditor requirements.

View full review »

I like the solution since it is very flexible, and I can basically do everything that I like and need with it. 

I appreciate its automation capabilities a lot. Through automation, we have been able to reduce the number of service requests and tickets to our vendor. We have also managed to reduce the cost quite drastically in that sense. 

Additionally, by automating the access reviews, we have saved considerable time for our business leaders, even talking about several full-time equivalent savings concerning access review automation.

It works well at an enterprise level. We use it as a centralized platform for the whole identity.

It is a flexible system and we can customize it the way we want.

We use the business roles to map company structure for dynamic application provisioning. This is a very important aspect of the solution. 

We use the solution to extend governance to cloud apps and this is very useful for us.

Through automation, we have been able to reduce the number of service requests and service tickets towards our vendor, and we have been able to reduce the cost quite drastically. By automating access reviews, we've been able to save quite a lot of time - up to several FTEs. When we launched the system, we had quite a wide scope and saw results immediately. 

The solution helps us achieve an identity-centric zero-trust model. As you are getting your identity only through a centralized system and also getting all the accesses attached to that identity and all the accounts attached to that identity through one system, then it is possible. We also handle access to any system through that one solution. When we do that, we have a full picture of the identities and what kind of accounts and entitlements they have. Having the full picture and having the governance of the whole entity when it comes to access management allows security to be tight. Also, the controls that we have in place then, for example, joiner, mover, leaver, that helps in maintaining that zero trust principle.

View full review »

The One Identity Manager's user-friendly interface allows for easy external identities and user account creation. To request a new account, we can just navigate to the appropriate section and provide the necessary information. Existing identities can also be managed through this platform by requesting entitlements. This streamlined process eliminates manual intervention and ensures efficient account management.

View full review »

One Identity is one of the most feature-rich platforms on the market. It covers every use case. The user interface has been improved, making it easier to make it look like what customers want. It's easier to customize than a lot of competition solutions. There are nearly a thousand built-in processes that you can edit and customize according to your needs. 

The solution has a graphical synchronization engine program to generate synchronization and provisioning for you. If those aren't enough, you can create your own, which we often do. Our developers can handle that kind of integration quickly. If we have the definitions ready, it usually takes only a day or two.

The ability to extend governance to cloud applications is critical. The Microsoft 365 integrations are particularly important. All the cloud applications are crucial, especially in the Nordic countries, where we have a lot of SaaS applications.

View full review »

It has a full feature set with certain tools for certain things.

I use the Designer a lot because I do a lot of customization (processes, scripts etc) and I would say it is pretty comprehensive. I am a Microsoft Identity Manager (MIM) veteran, which is an old product that still has end-of-life support. One Identity Manager is the next generation of IGA platforms because almost everything can be customized and extended and still keep a solid metacatalogue. I can test and evaluate the data, even at a property level, and be sure that it is going to work before pushing my changes into production.

The next one would be the Manager because that is where we review the data and orchestrate things like approval workflows and attestations. We can use different models for entitlements such as system roles and business roles. Then we can assign these to an IT shop for the end user.

Then, of course, none of these tools would be useful if we do not have any data coming from a target system such as HR. Here we use the powerful Synchronization Editor that comes with a lot of OOTB-connectors, also called sync projects. Within a sync project, mapping and workflow is set up to synchronize the data and provision changes to, for instance, an Active Directory target system. It is also possible to develop custom connectors.

We are also using the Job Queue which is a tool that displays ongoing processes (Jobs) and possible errors. We can look at history jobs and also get a health check of our Job Servers and Web Servers.

I also use the Object Browser which is an abstraction of the SQL tables. This tool is more technical than Manager but powerful in its own way with possibilities to trigger events, filter data and even more.

Finally, the Database Transporter that is used to transfer objects or custom changes between One Identity Manager databases. These changes are mostly something called "change labels" that could be work I have done in the Designer, objects created in the Manager or other information I want push to a specific environment using a transport package.

View full review »

One Identity's user interface is excellent. It has a timeline view that shows when a user received access and when access was removed. This provides a solid overview of all the users' activities since they were onboarded. 

Another visualization tool not in the main UI shows the identity in the center and links to the target applications. You can drill down and see the details for those target systems. That is very helpful for us to look up something related to a user quickly. 

We use One Identity to manage SAP. We did a lot of customization, integrating the GSA components of SAP. We brought in all those rules, and it wasn't straightforward, but One Identity has some additional support and capabilities for SAP that helped us a bit. We brought all those GSA-related activities in through process changes and some customization. 

One Identity is good at automated user provisioning and de-provisioning. The system processes things quickly. We had an issue where we mistakenly disabled nearly 4,000 Active Directory accounts due to a developer error. We had to get those accounts back up again and were pushing the records to AD to make the changes. It was running a bit slowly, but we have a cloud setup, so we bumped the resources, and it handled that load quickly.

The compliance reports are good, and custom reports can be easily generated. One Identity provides separate built-in user roles for auditors, compliance officers, and others. The SOC exemption process and associated reporting are excellent. 

It's critical that One Identity extends identity governance to cloud apps because most organizations are hybrid. The cloud is maturing and becoming more affordable. More organizations are shifting from legacy Oracle EBS systems to Microsoft 365 or Salesforce. All these vendors have also picked up cloud offerings and offer them as a managed service or complete service, where we don't have to worry about anything.

View full review »

One Identity Manager stands out for its extensive functionality. It allows us to perform nearly any customization a customer might require, unlike other products with limited customization options. One Identity Manager's wide scope for tailoring configurations makes it a versatile tool. It can connect to various target systems, including Active Directory and schema-based systems like REST APIs. This makes One Identity Manager a great fit for our organization's end-to-end needs, from user provisioning and auditing to onboarding new joiners. It seamlessly fits all our requirements.

View full review »

One of the most valuable features of One Identity Manager is its availability as an on-premises solution and as infrastructure-as-a-service in the cloud. Additionally, the reporting capabilities, powerful synchronization engines, and workflows, including the SAP connector, are highly beneficial. The solution provides an identity-centric approach which supports achieving a Zero Trust model, and it significantly reduces operational costs by allowing the same number of support team members to manage a greater number of systems. View full review »

The designer tool is one of the most powerful features because you can manage permissions and permission groups in it. The designer is a tool for adding and removing permission. The manager lets you create IT Shop objects and determine which type of user can access an object.

One Identity is versatile and complex. There are no limits to what you can do with this tool. It integrates well with Active Directory and has a powerful API integration. They also introduced the new Angular platform to replace the old web portal, which was too complex. Angular is a simplified web UI for users to do whatever they want to do.

We can leverage JavaScript and the Angular framework to build interactive UIs with the new Angular portal. Also, the new API server makes a lot of sense because using Angular is the front end, and the API server is on the back end. You can do anything you want. It's limitless at this point.

We use One Identity to manage SAP and logically disconnected SAP accounts. From an architectural point of view, you can create request staging tables to sync to the SAP through API calls to the SAP module. You can link the data source to the One Identity staging table to ensure all data goes into the One Identity testing table. You ensure all the necessary fields are there and create a staging table where you would load all the information from SAP. 

You can sync into the One Identity object. From there, you can do whatever you want to do. You can create Active Directory groups and add permissions. SAP is also robust. For example, let's say you have a department's table in SAP. You can also get the department information from the SAP and tie it to the object depending on how you want to sync and structure your project. My approach would be to create a staging table and make an API call to SAP, filling up and syncing the table to the SAP objects in One Identity, adding all the necessary permissions from SAP to the same user, and creating the AD groups if that's also part of the plan. 

There are many approaches to connecting One Identity Manager to SAP accounts under governance. There is no written-in-stone way to do this. The cleanest approach would be using a staging table where you can add all the permissions. A staging table contains the user information and the groups the user belongs to. All of that information will be in any staging table you want. From that table, you write information into the object. 

It helps manage some of the more difficult aspects of SAP. If you have a staging table with all the information from SAP stored there, you have all the rules, Active Directory group names, and permissions. You have all the information. You can use that information to create an identity in One Identity. If you have an SAP account, you must create that SAP identity in One Identity. You can tag and call it SAP and import the source. You can add a SAP tag to it to show that this is an SAP account. 

Before Angular was introduced, the user experience was bad. To do a small custom change in the web UI, you had to do a lot of configuration on the back end. The new Angular portal solved that problem. I don't have any complaints now. The user interface is perfect, making the experience good for the users. Loading objects, caching, and handling errors are way faster with Angular.  

One Identity's business roles help us with provisioning. The whole idea of business roles is to provision based on the user's role. You create business roles for a department with a manager, assistant manager, technician, etc., so you can create custom business roles for all these positions in the same department. Each has permission to do certain things because of their business role. Business roles assign resources and permission groups based on role. It's critical because it limits access based on those roles. We can use business roles to extend governance to cloud apps. 

View full review »

From a technical perspective, One Identity Manager's greatest strength lies in its extensive customization options. The platform offers a wealth of functionalities and flexibility, allowing us to tailor solutions to meet our organization's specific needs without limitations. This unparalleled adaptability is One Identity Manager's most significant advantage.

View full review »

One Identity Manager is more scalable and customizable than other products I have worked on, and user customization isn't as complicated. Defender, One Identity's PAM solution, is useful for rotating passwords in the developer's evolving facilities. 

Customizing the UI and backend is easy if you understand the framework. It may take some time to learn, but it's not too difficult once you have it down. Business roles are a handy tool from One Identity that we can map multiple accesses in a single bundle and provide it to the users. You can also provide birthright access to this, so they don't need to request it once onboarded. We can assign them access based on a particular department or a job role.

View full review »

I greatly appreciate the initial approach provided by One Identity Manager. It's beneficial because we can easily view nearly all the information about our users without extensive searching. Access to users and groups is rapid. For instance, if a user has standard connections, such as Active Directory, LDAP, or SAP integrations, we can readily access information based on their identity. This is a fantastic feature.

View full review »

One Identity Manager stands out because it offers a wide range of features without requiring complex installation or ongoing maintenance. While many identity governance products necessitate external integration specialists, One Identity Manager's user-friendly interface allows internal staff with some IAM knowledge to manage it effectively after hands-on training. This is particularly beneficial because the product's pre-built lifecycle features, the core functionality of any identity governance tool, are comprehensive enough to address the needs of most companies, including larger organizations, without extensive customization.

View full review »

One Identity Manager stands out for its modular design, allowing us to easily customize it with specific components, and its flexibility to handle any identity and access management scenario we encounter.

View full review »

One Identity Manager offers several features that I found advantageous compared to other tools. For instance, imagine two distinct teams: one responsible for administrative documentation and the other for development. With One Identity Manager, the administrative team wouldn't need to learn a separate design tool, as the platform offers dedicated features for both administrative and development tasks. This segregation of functionalities is helpful because it streamlines workflows and reduces complexity. For example, if we need to monitor backend processes, One Identity Manager provides a dedicated job queue with a visual representation, allowing us to easily identify any stuck jobs. Additionally, the platform is database-oriented, offering built-in filtering and browsing functionalities within the object browser, further simplifying data management.

View full review »

It's easy to integrate SAP with One Identity. SAP has different modules, and you can manage users through the One Identity interface. Integrating through a stream connector is simple. 

It's role-based access control, and you can manage it. It's perfect for our customer's governance control. One of my customers is using One Identity's PAM solution. It is a separate component and licensing model.

View full review »

I like the customer-facing portal because it is simple to use for end users. Some of the features are also easy to configure.

View full review »

The most valuable feature is the JML. Unlike other identity manager tools, the JML is more customizable, making it easier to find.

The solution provides IGA for the difficult-to-manage aspects of SAP such as T-codes profiles.

It provides a single platform for enterprise-level administration and governance of users' data-privileged accounts. We have end-to-end JML features, including role-based access provisioning, access certification, and reporting. One Identity Manager is a very good platform, especially for those who have been working with it for the last two or three years. They are likely to be very happy with it.

Another good feature of One Identity Manager is its multi-language support. I give the solution a seven out of ten for its single platform feature.

One Identity Manager has an intuitive interface that is customizable.

View full review »

One Identity Manager offers a wide range of connectors, allowing it to interface with multiple target systems and perform provisioning and de-provisioning tasks within them. This extensive connector library, available out-of-the-box, is one of its most valuable features.

View full review »

I like how One Identity Manager is designed. We can control granular-level permissions. Compared to SailPoint and CyberArk, we can go granular in the access levels. We can control it at the table, column, and database levels. That's the power of One Identity. 

We can import business roles from a .csv or create them in the manager. It is easy to create as many roles as we want, and there is no limit to the resources we can assign to them.

View full review »

There are a lot of valuable features, including connectors, attestations, and workflow.

For the governance of users, data, and privileged accounts, it's really strong. It's really good, a 10 out of 10.

We also make use of its business roles to map company structures for dynamic application provisioning. That aspect is super important.

View full review »

One Identity is a complete solution that has everything we need. We can use it to manage SAP. It connects SAP to employee identities under governance. This functionality is critical. One Identity Manager provides IGA for the more difficult-to-manage aspects of SAP, which is also crucial. The SAP-specialized workflows are easy to implement. 

One Identity provides a single platform for the administration and governance of users, data, and privileged accounts. It provides a complete overview of all these things. The user interface is intuitive and nice. It shows everything. Customizing the interface isn't hard. You can create custom fields. This is one of the most important things.

View full review »

I like One Identity's reporting features and the single sign-in option. Users can skip multiple logins. It also gives us a centralized system that lets us know about a user's access. This is an automated process. If a user leaves the company, One Identity will ensure their application access will be removed after a certain date. When the user joins a company, it ensures all privileges are created and active by the start date.

Using an open-source integration platform, we can integrate any service provider with One Identity. I think the user experience has been positive. Customizing the solution for each company's requirements has been challenging and interesting. Some of these companies are massive and have significant requirements, and we need to ensure that everything is under the scope.  We are collaborating to test and incorporate other functionalities. Corporations might also have their own applications, so we should be aligned with those. 

View full review »

One Identity Manager is flexible and offers numerous connectors that enable us to serve as the core component of the system, as well as to construct our own connectors using the API.

View full review »

It has a lot of depth. It has advanced features. As a customer or as someone who is managing the solution, I like its self-service capabilities where it has lots of powers, and the users can select any reference users. The majority of the time, we face an issue where new joiners are not aware of what they need to have in order for them to do their job. One Identity has the answer where they can know this by selecting any reference users, which are basically their colleagues. This way, they can quickly know what sort of access they have in the system, and they can raise the same. The system will automatically identify it for them. It saves a lot of time and is also a very useful feature.

Another valuable aspect is the depth of the product. It allows the support team to reroute certain requests to different people, and within their request flow itself, you can ask questions. All these features are very helpful in our context.

View full review »

One Identity Manager's most valuable asset is the ability to customize its front-end website.

View full review »

There are various tools available in the market. The best part of One Identity Manager is that it provides wholesome features. Most of the things required for identity management are given out of the box in One Identity Manager. You can just define your use cases, take this tool, and right away implement the solution. The default features and the default setup are already embedded or built into One Identity Manager. That is what provides One Identity Manager an advantage over other tools where we have to customize things, whereas, in One Identity Manager, most of the things can be done out of the box. On top of that, if something needs to be customized, that can also be done in One Identity Manager. The inbuilt functions or features that One Identity Manager provides for identity management are very good.

I have been working on it for the last six years. It is very good from the user experience perspective.

View full review »

The solution helps us to efficiently manage lots of authorizations automatically. We started initially using One Identity as a tool for security reasons. But then we noticed that management in the supply chain embraced One Identity for operational efficiency reasons. Today It allows all 100,000 employees to automatically access all kinds of applications.

We use it for SAP. We have multiple SAP systems. We use it for HANA and the cloud environment, for example.

One Identity Manager provides an enterprise view of management for logically disconnected SAP accounts. It's very good yet also difficult. Technically, it's a good solution, however, you need to have people who understand it and can use it the correct way. Being just a One Identity developer is not enough. You need to be specialized in this kind of module to use it to be efficient and effective. We are not there yet to use all this additional functionality.

One Identity Manager connects SAP accounts to employee identities under governance. It is important to see who has which SAP role, and if it's assigned based on the HR function, or assigned after an additional request.

There is a special SAP connector. There is reporting. You can build reports yourself. There are lots of possibilities, however, you need to know how to use it.

The solution is good for providing a single platform for enterprise-level administration and governance of users, and access to applications and data. We use it only for personal accounts. We have a separate PAM solution to manage privileged accounts. But to request access to PAM-tooling initially, needs to be done in One Identity. It's a two-step approach.

What I noticed, is that the user experience in version nine is good. We’re using an older version. The user experience is not very good in version eight. It’s a bit old-fashioned as it appears now. The latest version is much more modern.

We make use of the solution's business roles to map our company structure for Dynamic Application Provisioning. We are giving people the right authorizations based on the job and function. We use it a lot, especially in the stores and distribution centers where there is a high frequency in the joiner, mover, and leaver process, but the organizational structure is quite solid and doesn't change a lot.

We use One Identity also to give access to test environments, as self-service.

It has positively affected operations. There are a lot of things that are possible. It does what you want. 

It provides more insights because HR data and access to all systems are in one system. This information can help us to review who needs more access, or revoke access if it's necessary.  

One Identity Manager helps streamline application access decisions. There's an approval flow for additional access requests. For every application, you can have a different flow, in case you need extra security approvals or from a data-owner. 

It helps streamline application compliance and auditing. We can do a re-certification process and someone can give approval if it is needed or not. It's helped us improve governance. The re-certification process is very good. 

The solution helped enable application owners or line of business managers to make application governance decisions without IT. All employees and managers can request access as a self service in One Identity instead of going through IT.  The request for access is easier, and faster, because after approval the access is automatically granted.

View full review »

The customization is an excellent aspect of the solution. You can basically change the product to anything that we need to with most of the code available. Most of the user interfaces can be changed just by the request of the user and our customers. That's very good. 

Another very good part is the standard connectors, especially SAP. The integration with SAP and One Identity Manager is just very good. It brings a lot of the standards with it already. There's a lot that has already been done and doesn't have to be configured manually. That's back to the customizability. If the SAP connector or any other connector is not enough, things can be reconfigured. 

We use it to manage SAP. From an enterprise view standpoint, we have a full list of all SAP users. It connects all SAP users to the specific employees and we get an enterprise view. The solution connects SAP accounts to employee identities under governance. That is very important. It's one of the most important things we can do - to recertify permissions and recertify the users and also find authentic users that are not used anymore. That is why it's a very important part of governance.

The solution provides some default workflows for creating users, updating permissions, et cetera, however, you can customize beyond that. You can basically do whatever you want all in workflow and processes, automatic processes, et cetera. 

It provides a single platform for enterprise-level administration and governance of users, data, and privileged accounts. It allows you to see everything. If you have more than one product, you have a very good overview of everything. The identity manager alone can give an overview of privileged accounts that exist. The overview is very good. 

The solution's user experience and intuitiveness are great, especially for the users and administrators. The web interface is very good. It's very easy to use. Most customers change the interface colors and icons and stuff like that to match their own company. 

It is easy to customize the solution for our particular needs or for our client's particular needs, depending on what has to be customized. For web interface customization, you need to do some programming. You need to be experienced in web interface programming. However, enterprise processes, workflows, approval, recertification, and calculation of permissions and stuff like that is very easy. It's easy to configure that without much knowledge of the system. 

We make use of the solutions business roles to map the company structure for dynamic application provisioning. Business growth is one of the first things that we try to conceptualize with our customers. We can map specific permissions to specific roles and also apply those via dynamic roles automatically to people in specific departments.

We do use the solution to extend governance to cloud apps. This extension of governance to the cloud apps is important. You have to extend the governance to every aspect - not only on-premise, but also cloud. You cannot stop with governance. If you only do governance on half your systems, then that doesn't really make sense. Therefore, it's very important that the solution provides it for the cloud as well.

The product helps minimize gaps in governance coverage. The recertification and access management part can help with that.

It can help consolidate procurement and licensing. None of our customers have needed it until now. 

The solution helped enable application owners and managers to make application governance decisions without IT. When the recertification or application access is automated and configured correctly, then the manager automatically gets, for example, every six months, a request on the web interface, which is very easy to understand. It basically explains everything. The user just has to click the green arrow or the red cross to say yes or no to certain access or permissions; it's very easy.

The product helped us achieve an identity-centric zero-trust model. It all comes back to the optimization of different accounts since everything is connected. With this product, you get a 360-degree view of all accounts, et cetera. 

View full review »

We did a PoC with other identity management tools such as SailPoint, Oracle Identity Manager, and Microsoft Identity Manager. We chose this product for being able to accommodate our requirements. It's very flexible, and it's open to being developed to our requirements. For example, for our custom tasks related to subsidiary companies, we created a custom HR portal for our subsidiaries. These employee accounts are not in our main HR databases. We created a portal in One Identity for their HR divisions, and they are doing their daily operations on this One Identity custom portal. That's why we chose this product for our production environment.

Another reason for choosing One Identity was the local support and the Password Manager solution that they have.

View full review »

It offers really powerful processes. For example, when a person is joining a company, or changing teams, or leaving, it's easy to create a management flow for the onboarding or offboarding process. It helps manage all of the accounts a person might need to have access to. It integrates with several platforms and has specific connectors that make it very useful. It works with the majority of applications an enterprise might be using, such as Salesforce or various cloud providers. It also integrates well with SAP. 

It provides a unified view of logically connected solutions. It can connect to accounts related to employee identities under governance. It's probably the main reason a client would use the solution. The entire reason to deploy such a solution would be to have governance over accounts and have access to the life cycle of the account. 

The solution is a single platform for enterprise-level administration and governance of users, data, and privileged accounts. 

It can be fairly easy to customize, depending on a user's particular needs. If you are integrating with some very common solutions, it's pretty straightforward. 

The solution offers various business roles to help map company structure, name, and provision. You can tie permissions to specific roles very effectively. You can implement role-based access control.  

We've used it to extend governance to cloud apps. This is important to us. The common trend is to move to cloud applications. Even local clouds afford the same level of permissions. Having a standardized layer in between definitely helps. 

We immediately noted the benefits of the solution. However, it depends on the type of user. Common enterprise users can get quick results. Those responsible for identity access management or compliance see the results quickly. They'll benefit almost immediately. The normal user, however, may not understand the difference. 

You can use the solution to minimize security gaps and close the gaps between privileged and standard users. 

It can help consolidate procurement and licensing. It can help you understand how many users need access to specific applications to help you get better numbers as to what is needed and not overbuy licenses. 

The solution helps us streamline application access decisions, application compliance, and application auditing. You can get reports. It's nice. It helps with visibility and planning. 

It helps reduce footprints and minimizes access from unrelated teams. 

View full review »

The most valuable feature of One Identity Manager for me is its Designer tool. This tool allows me to write custom code and provides flexibility to customize and adapt the system to meet specific business objectives.

View full review »

The most valuable feature of One Identity Manager is its object-oriented architecture. According to this architecture, every element written inside of the system is an object and can be granularly given to someone. The solution's control is amazing. Another great feature of One Identity Manager is its ability to delegate responsibilities to different types of people through granulated access.

View full review »

The most valuable features are centralized Identity Management, robust Access Governance, and One Identity Manager workflow automation, simplifying user management and compliance.

View full review »

Several employee data fields are synchronized to Active Directory, providing easy access to other applications (office, address, description, telephone, employee status, etc.). The update process is scheduled and automated to run multiple times a day, so Active Directory is always up to date with different employee data.

The One Identity birthright process has helped generate user accounts more accurately and quickly. Our Service Desk ticketing system is now used to complete user accounts and provide only what isn't common across their department or team. 

View full review »

One Identity Manager is user-friendly and easy to customize. One Identity's business roles enable me to map company structures for dynamic application provisioning, which is fairly important.

View full review »

One Identity's interface is pretty good. It's user-friendly, and you can access most applications inside the console. The user experience is solid. You can use One Identity if you are a layman without much technical experience. You might need a little more training with admin access, but it's easy to learn. 

View full review »

One Identity is simple to implement. About 90 percent of the implementation is configuration rather than scripting and creating the connectors. It's quite easy to customize the solution. 

View full review »

An outstanding feature of One Identity Manager, compared to SailPoint, is the dashboard where they present everything. With the dashboard, the customer can see how the integrations have happened. It is more presentable than what we have with SailPoint. The user experience is good because everything is exposed on the dashboard. They can tweak it a little bit if they want.

Also, using its business roles to map company structures is fairly easy and good, similar to SailPoint. It is handy. This function is very important because today, most organizations rely on RBAC, role-based access control. If a tool offers identity management capabilities, it must also offer role-based access control. Both One Identity Manager and SailPoint offer good role-based access controls. It's easy to configure and use.

View full review »

It helps in managing SAP. There is a connector that you configure with the tool and it helps to provision accounts and assign roles or permissions in SAP. If there is a disconnected SAP application and you want to bring it on board, One Identity Manager gives you the tools to do so.

One Identity Manager connects SAP accounts to employee identities under governance. Although each organization is different, what is typical in some organizations is that it is important for them to meet security compliance regulations like CIS controls. They use the solution to meet those requirements.

In addition, healthcare companies have to be HIPAA compliant. One of the HIPAA rules is related to terminations. They need to make sure that every user or employee who is terminated is denied access within 24 hours. One Identity Manager helps you to implement that kind of case. If we connect One Identity Manager with the human resources system, we can read the employee's end date and automatically disable access for that user in less than 24 hours. In fact, we can disable the employee, once we have connected to Active Directory, in five minutes or less.

One Identity Manager doesn't have a privileged access management model but we can create one. A robust solution is based on the Windows platform. To address this use case you need a SQL Database and Microsoft Internet Information Services. If your organization is a Windows environment, One Identity Manager is a good option for your company.

In terms of the user interface, Quest, the vendor, follows up-to-date web standards for development. Currently, they are moving to implement Angular as a framework to implement end-user UIs. As a result, end-users will see a pretty nice website, a web portal where users can approve requests, submit password changes, or submit new requests. Also, if there is a certification campaign running, the web portal is very user-friendly. The manager can log in and see items that need approval or denial. The current version is designed to support mobile, tablets, and web browsers.

We also make use of One Identity's business roles to map company structures for dynamic application provisioning. That is a very important feature because most companies want to implement role-based access. Business roles are one way to help companies to identify job codes and position codes. It enables the grouping and automating of certain types of access for certain departments. For example, if you know all the people in your sales department, you can configure a business role so that anybody who is a new hire in that department will get certain accounts or certain access or certain groups in different applications. Doing that in One Identity Manager is a very simple task and it is very well organized.

The product can also be extended to support any of the SaaS or PaaS applications on the cloud. Nowadays, identity manager solutions are focused more on managing of identities and entitlement access on-premises. But companies are moving to the cloud and it has become very critical for solutions to start handling user accounts and permissions in the cloud. One Identity Manager is specifically a product that is moving in that direction and providing connectors to the cloud. It's a gap that needs to be closed and not many providers are investing in that. I've been implementing One Identity Manager for 12 years and I still haven't seen any other company doing cloud identity management, 100 percent. Hopefully, next year and in the following years, more companies are going to start adopting that technology.

And whenever you implement test, dev, and production servers, it will help minimize gaps in governance coverage among them. Using the solution you can connect and configure users in production, but if you configure dev or test instances, you should absolutely be able to handle ID and governance access for those applications.

View full review »

One Identity Manager is more reliable than other identity managers. The most valuable features are the behavior, configuration, and customization options.

View full review »

One Identity Manager's account creation feature stands out as its most valuable functionality.

View full review »

One Identity Manager connects SAP accounts to employee identities under governance. The connector from One Identity for SAP is the most powerful one in the market. This connector can touch all the levels of the objects in SAP. It can not only be connected to SAP ERP but also to SAP HANA, GRC, etc. One of the strengths of One Identity Manager is the SAP connector. You can touch a lot of the SAP environment and also have deep granularity.

View full review »

In the Manager tools, my favorite feature is the ability to obtain a comprehensive overview of any user efficiently. The portfolio view simplifies this process, eliminating the need to check through Tableau or other tools. Another significant advantage is the quick and easy creation of mappings, roles, and IT configurations for various products within One Identity Manager. This feature stands out as a valuable and time-saving capability in the manager tools.

In our Governance and management tool, One Identity Manager plays a crucial role in connecting SAP accounts to employee identities. This integration ensures that all identities are linked to their respective employee profiles. This connection is of utmost importance because if, for instance, a login is enabled for a specific user, maintaining a consistent ID becomes essential. With One Identity, this process becomes seamless, allowing the replication of related attributes across all relevant systems and ensuring a cohesive identity management approach.

View full review »

The solution offers good integration with other environments such as SAP and Active Directory, et cetera. We are managing access and managing all the provisioning of user access and accounts.

We manage the product to help manage SAP. The solution is okay for providing an enterprise view for the management of logically disconnected SAP accounts. It is quite complicated since SAP has quite a structure for these roles and accesses, however, it is quite manageable in One Identity and it is well supported with proper support from our external provider. We finally managed to make it perform. It is now working well.

One Identity Manager connects SAP accounts to employ identities under governance. This is important. We had it implemented before only based on requests without active-active connection. There were quite a lot of non-matched users, and what happened a lot was that we would have users who had left the company and were still active in SAP. So now when a user leaves the company it’s not an issue. Also, the SAP account is already provisioned. This ensures data protection and the privacy of users and everything.

If I were to assess One Identity Manager for providing us with a single platform for enterprise-level administration and governance of users, data, and privileged accounts, I’d rate it highly. From a rating of five, I’d rate it 4.9.

The solution's user experience and intuitiveness are good. It’s extensive. 

How easy it is to customize really depends on the level of desired customizations. There are some customizations out of the box while others require quite a lot of coding. In that case, I’d suggest a person uses support or gets external support.

View full review »

One Identity is easy to integrate. It isn't easy to use, but it can be extended. It has out-of-the-box integration capabilities for small companies. It can be integrated with many different systems, such as SAP, and the out-of-the-box configurations offer extensive visibility. 

The solution provides a single platform for enterprise-level administration and governance of users, data, and privileged accounts. That's the primary purpose of this product, and it works. 

With almost 10 years of experience with the product, I understand the product and how it works, but I cannot speak from the end-user perspective. However, we can customize the solution and do our best to make it user-friendly. It offers different levels of customization. Experienced developers can perform some advanced customizations, but it can also be customized on a very basic level. You can customize almost everything. 

View full review »

One Identity Manager is very customizable to meet customer requirements. We can write custom code as per customer requirements.

Role-based access is also very valuable.

View full review »

The most valuable feature of One Identity Manager is it simplifies user-account provisioning and administration. One Identity offers a comprehensive range of solutions that cater to almost every aspect of the identity and access management domain. Their solution suite includes a login solution for access management that can be seamlessly integrated with your IGS solution. Additionally, they offer a dedicated tool for IGA that fulfills all your identity and assessment requirements. In addition, they have a solution called One Identity Safeguard for identity management and access management, which is gaining increased importance. With One Identity, you can obtain end-to-end solutions from a single vendor, whereas with other vendors, you would need to combine various vendors to achieve the same result. 

View full review »

One thing that I like about the product is it comes with a lot of out-of-the-box features. There is the occasional scripting here and there, but there are some out-of-the-box samples that you can follow. So, it has been pretty good. We have been able to work well with it.

I have found One Identity Manager to be flexible. It is mostly configurable. We get most of the features out-of-the-box. If not, we have some samples that we can follow, then model the system, accordingly.

As far as GDPR is concerned, our company is located across the globe. Based on user requirements at any given location, we have been exposing only those attributes. In that way it has been flexible so we can comply with GDPR.

View full review »

The self-service functionality of One Identity Manager is arguably the most valuable feature. It allows us to easily initiate access requests for new hires through a user-friendly interface. This information is automatically sent to HR for review. Similarly, for departing employees, the intuitive interface enables us to import their details and trigger the termination process seamlessly.

View full review »

It's very easy to roll out. They do have various defaults available, so you have a variety of rollout options.

It is very easy to handle complex requirements. It provides a very good user experience.

I like the user interface. I'd rate it three out of five.

The solution provides an attributes-based setup, a dynamic role setup, and many other features for enterprises. It provides a single platform for enterprise-level administration. 

It has an easy user experience. It's great. From an intuitiveness standpoint, I'd rate it three or four out of five. It tries to make it easy for administrators to fulfill requirements, even if it needs to be customized. 

The customization is top-notch. It's the best compared to any other tool we've used. It fulfills a lot of needs. I'd rate the level of customization three out of five. 

While I haven't really used the solution's business roles to map company structure for dynamic application provisioning, leadership has used it for this purpose. My understanding is that it is quite good.

The product does help minimize gaps in governance coverage for test development and production servers.

It's helped us to achieve an identity-centric zero-trust model.  We are able to set up dynamic rules centrally. 

View full review »

The best feature is that it's customizable. For example, we can create any kind of product or custom service within an IT shop and customize it the way our customers need it. For the customers, it's the best. They are happy with it.

We can create a custom policy for a company. We can use a business role for access to a given product and determine what the next process is. For example, if someone requests access to something, the custom policy will show it to the supervisors at each location or redirect it to the user who is responsible.

Also, we use the solution's business roles to map company structure a lot. That's one of the parts that the customer really needed. They wanted a custom role for each of the cases they were creating. They wanted to assign users directly to a business role, and these roles can be assigned to other users in the directory. The business roles feature is critical.

One Identity has another model called Data Governance Edition. It's a very good solution for controlling and applying the concept of CIA (confidentiality, integrity, and availability). It's the best solution for that. We use One Identity Manager with Data Governance. There are shared folders, and a lot of people have access to them. With Data Governance, if someone requests access, based on the kind of permissions they have, Data Governance helps us make this kind of decision.

View full review »

One of the valuable features is that it is relatively organized. I definitely appreciate that aspect. It is also relatively simple to use with a very easy flow to the GUI. The user interface is really top-notch. Whatever we need to do with it, we are able to see just how to do it right away.

Customization is also fairly easy. There really isn't a whole lot to it.

And one of the main things that we use it for is the creation and modification of business roles. That way, we can assign just one role to a user and they have all the permissions that they would need. We also use the solution to extend the governance to cloud apps. For users who need to work with the cloud on a daily basis, it makes assigning their privileges a lot easier.

View full review »

The solution is a typical, conventional IGA but the tool itself offers many options for customization. Some other products are easier to implement but don't have the same customization capabilities. 

View full review »

In terms of what I found most valuable in  One Identity Manager, it's the only product where the workflow and the catalog can be configured on roles or by business people. You don't need to know the technology at all to configure that, so this is the product's biggest advantage as well as its strongest feature. One Identity Manager is also business-oriented and IAM administrator-oriented.

View full review »

Among the most valuable features of One Identity Manager are administration from Active Directory and Azure Active Directory, as well as administration from Exchange. These features enable us to have fully automated processes to create new accounts and new mailboxes. The most valuable option is the ability to design an automated route to give our customers permissions.

The solution is also very flexible. We can adjust all the standard processes that One Identity comes with and we can create new processes. We can always change whatever we need to change.

View full review »

The best feature is the security of the solution. 

View full review »

In terms of what the most valuable feature of One Identity Manager is, that would be hard to say because the tool is great overall. There's not really one feature you'd prefer over other features, but what's really great, in my opinion, is the fact that the provisioning is really stable and accurate, and it's a process my company trusts. This means that without a lot of maintenance, I can be pretty sure that as soon as my alternative source gives a new identity or gives new information about a particular identity, everything will be transformed and executed the right way. My company has tried other solutions and there's always a struggle with the provisioning system in terms of knowing what systems work, but with One Identity Manager, this issue doesn't happen. It's also a really stable system which I like.

View full review »

As the team supporting the platform, one of the key features One Identity Manager has that was very valuable was the administration interface which allowed a quick easy overview of staff, their entitlements, and how they had were entitled to access.

Centralizing identity management allowed for a centralized governance model. 

The IT shop is a great tool that allows a simple interface for users to see their access, be able to request additional access, and view the workflow approval process to understand where their request is and what any hold-ups may be. 

View full review »

The most valuable features include the 

• automated attestations or recertification
• IT Shop, which reduced calls to the help desk by 60 percent from users not having to contact someone to request access to something. Now, they go to the Self Service portal. 

Those two are the biggest wins.

In addition, when it comes to usability and functionality, users are always the most difficult to please. But when we went to version 8, we actually had zero negative feedback. We had people who were praising the UI of the new version. It was very well received. We had no pushback or anything negative that we had to address.

Another huge win is that a lot of our producers and salespeople are constantly on the road, and making them log into a portal for approval was very difficult. Once we implemented the approval feature, those users were extremely happy with it. It saves time and helps the end-users to become productive sooner because they can do the approvals.

View full review »

In terms of the most valuable feature of One Identity Manager, it's not like one feature is useful without the other features. It's not a tool, but it's more an overall integrated solution that is helpful and not specifically one solution on its own. The best points of One Identity Manager would be its process orchestration and synchronization manager.

View full review »

The most valuable features are that it has a lot of capabilities, can integrate with a lot of systems, including automated onboarding like CyberArk, and allows you to integrate different entities.

View full review »

In dollars: access reviews. In QoL: Entitlement requesting, Approval workflow, and Attestations. 

At the start of our project, IT was considered a burden by most of the company. One Identity's easy to set up requestable items and the associated smart approval workflows gave IT the power to become a hero to the company. Eventually we had lines of business coming to us with requests to integrate more and more into the self-service portal. Then on top of that, the existing attestation cycles allowed us to confidently know for certain that correct access was issued and maintained across the company. 

View full review »

• It gives the best user experience, enabling us total transparency in user access rights.
• We unified business processes for students and staff at enrollment/hiring/graduation/termination of contract in all organizational units of the university.
• It reduced risks by granting adequate access rights to users.
• The best feature is that HR finally took responsibility of it, so not everything is on IT.
• The policy and role management features are important for identity management.

View full review »

The most valuable feature for me is the built-in security, which is the best that I have seen. The interface is also very good.

View full review »

It's the automation. With One Identity you can have multiple accounts and everything is managed in the same system. You don't need to manage different systems at different times. With just one, you can do everything. It saves a lot of time for us and simplifies things.

In terms of the policy and role management features, through the automation that we have within the system, we are able to simplify those processes. The role management is really a great solution because we assign and define roles within the system and then apply them to the identities that we create for our employees.

It is definitely a flexible solution. The connection with multiple systems is what makes it flexible. We can create the accounts flexibly, enabling access to other systems. In addition to Active Directory, it can extend to SAP, to Salesforce, to Office 365, etc.

View full review »

Nobody has to put people in AD groups by hand anymore. It goes automatically and that's very good.

It's also very flexible. It's quite easy to customize and we have customized it a lot. There are many features already in it that you can choose from but you don't have to use everything. You can use just a few features and leave things out.

View full review »

For me, personally, the automation is the most valuable feature. I don't have to do things manually, like creating user accounts and provisioning them to the target systems.

We are familiar with the policy and role management features and we are using some of them. They are very hard to define, but they are also very powerful in a way. You have to define them clearly before you start using them.

One Identity Manager is also flexible. If it doesn't have a feature that you want, out-of-the-box, you can customize it by creating scripts or modifying the schema. But you usually need consultants to do the job.

View full review »

The features are open and have a good tabular structure for the data, as well as the connected relational/relative topology.

View full review »

It is very flexible and adaptable to our needs and the ootb features are also quite comprehensive. The overview sheets are great.

View full review »

It is a flexible because it is customizable. It allows you to build anything on top of it.

View full review »

The standard connectors are the most valuable feature.

The product is flexible. For example, it offers cloud features.

View full review »

There are so many different connectors out-of-the-box, and the solution works fine. Overall, the product works well and is very good tool, which functions well.

It's pretty flexible because you can use it in almost every way you want. It is very open. It provides good insight on all the basic job chains, and you are free to use, extend, or change it.

View full review »

• It's very flexible. You can customize it to the fullest extent. You can use it for almost every situation for every customer.
• The policy and role management features are very good. They have gotten better over time.
• The privileged accounts governance features are very good.

View full review »

• To get an overview.
• To get a good structure.
• To get a good automation process.

View full review »

It is highly integrated with our clients.

The policy and role management features are good.

The solution is flexible because you can realize the customer needs. Therefore, it is easy to upgrade specialized things. It provides the flexibly, so you can implement customers' use cases.

View full review »

It brings simplicity into complex matters.

View full review »

The policy and role management features are superb. If you have a customer who is willing to go somewhere with role management, then the possibilities are endless with the product. It is well-structured, and the architecture is well-defined. I am quite content with it.

The solution is flexible. It is based on modules. Depending on the customer's needs, you can implement the different modules, which are accompanied with it. 

View full review »

Flexibility: It has many features which can be combined and configured in a great way, then put together in projects and ways that developers didn't think were possible, which has been great.

The policy and role management features are very powerful and useful for our customers. You can do anything there.

The privileged account governance features are great from the overall governance look, the things which you can do with it, and the results that you can achieve from it.

View full review »

The overall capabilities of the identity governance and administration (IGA) solution for identity management.

The flexibility of the solution: We are able to use what is out-of-the-box, customize and prioritize it, then further develop it to meet our needs. Our use for it is very complex, but we are able to achieve success with One Identity.

The back-end, its capabilities, and workflows are very good.

View full review »

• Publishing capabilities
• Connectors
• This solution is quite flexible. We have a lot of customization since we have our own business processes. 
• We use it to manage our users in SAP.

View full review »

The most valuable feature is the fact that we don't need paper anymore. We came from a paper solution and getting rid of the paper is valuable.

The solution is also flexible. We have customized our IT shop. Because we have so many applications, the solution, out-of-the-box, wasn't good enough for us. So we have customized all our workflows for approvals and it's working fine.

View full review »

Its flexibility is the most valuable feature, the way we can customize the user interface and the workflow processes. It helps us set up the correct approval processes.

View full review »

The most valuable feature is the configuration of users, especially onboarding and offboarding SAP roles. It is very important this is done in a fast way, especially in connection to the SAP HR system, where we can get a user onboarded as soon as they have the information recorded in HR.

View full review »

Workflow management is an important feature. With other identity management products, there was no workflow management so we had to build it ourselves. That's one of the reasons we selected One Identity.

We have also found the solution to be flexible. We can customize a lot of things and arrange most things within the product.

It has also definitely helped simplify compliance.

View full review »

The most valuable features of this solution are its handling and that it is easy to maintain and manage the data.

The solution is flexible in connection with the controls. For example, it's easy to implement, easy to handle, and understandable to configure.

The user interface needs improvement.

View full review »

Simulation mode of One Identity Manager for company policies, station policies, business roles, etc.

The solution is flexible. You can customize it a lot. You can also customize parts of it. You can can build connectors, connecting them to a new application, and so on.

View full review »

We no longer keep users who shouldn't exist.

It is flexible with APIs and the customizing of a portal.

View full review »

The most valuable features of the product are the recertification, segregation of duties, and user experience.

The simplicity of the policy and role management features make it easy to use for implementing policies and configuring them.

View full review »

The tool is like a big Lego in which you can use the parts that make sense for your organization.

It has several components out-of-the-box.

The solution is flexible, in general. You can define the parts of the solution that you want to use, and it won't affect the price. 

View full review »

Even without any customization, if you install it, configure it, it's ready. We may do some small customizations afterward, but the product is really good as is. It's very powerful. Without any customization, it starts working.

There is also a new feature, the Sync Engine, which is very good. Before, without it, the initial onboarding of HR systems was very difficult.

The policy and role management features are good, but not well-implemented in many companies because it's not that easy. It takes time. We are starting to use attestation in our current project and to follow the company policies. It takes time, but the feature is good. The company policies feature is really good because in workflows you can check whether the policies are all working. It's a good feature, but I don't think it is very common in many companies.

In terms of privileged account governance, in all of our previous projects we created privileged accounts and, again, with the new projects, we are going to start managing privileged accounts through One Identity. This feature is good. The new features are really good.

Finally, the product is flexible. We can easily customize almost any part of the system, such as having logic code inside the templates, inside the tables. And we can create processes as well. The customization makes it really flexible.

View full review »

It's a huge toolkit, and you can do a lot of stuff with it. You can extend nearly everything, so if you want to build something that may not have been though of by the vendor. You can do this with a partner, as we have done in the past. There is also support for these processes. Compared with other distributors who design their products to certain specification, you can put in your own processes, because not all companies function the same. You can write what you want, and the process should be like that.

The policy and role management features are huge. We have had some problems getting our colleagues onboard using these features. They are used to IT setting up everything. The features in the software are good, but there is a lot of transition you have to do inside a company to get these features working.

The solution is flexible. You can customize everything. You can do what you want in it. Sometimes, it is not unwise to do everything on your own, but you can.

View full review »

• Separated modules and integration allow for more capabilities 
• Graphical and tabular interfaces
• VB and SQL front-end and back-end

View full review »

Everything (location, cost center, department, business role, etc.) is a role.

The Data Importer is a great tool to create an ETL. It generates code which is easy to maintain later without the tool.

The Attestation function lets you easily define grant/deny workflows based on constellations in the database.

View full review »

The data is easy to manipulate using SQL queries and commands.

View full review »

The out-of-the-box connectors (SAP, LDAP, MS Active Directory, CSVs, etc.), and the one-stop-shop portal for user requests and authorizations which can be customized to display corporate logos and color schemes.

Additionally, certain “out-of-the-box” features can be configured to not be displayed or affect specific behaviors through the Project Configurator.

Additional customization requiring coding is possible, but requires additional planning, coding, and testing and is out of scope for this project.

In D1IM there are different ways of connecting with targeted systems. Out-of-the-box Connectors could be with:

• Connected system modules which allow interaction between D1IM and third party systems, with their specific schema extensions, dedicated synchronization templates and business logic. They allow deeper out-of-the-box target system management.
• Connectors which are predefined synchronization interfaces, developed by Dell, and are highly configurable but cannot be customized!

Interfaces are developed during IdM projects as an additional, customer specific feature of D1IM. This enables the connection of more proprietary or less common systems. Interfaces are easily changed in their functional behavior and implementation.

View full review »

Some valuable features are:

• Easy to configure, as it is mostly UI based
• Reporting
• Dashboard

View full review »

• The GUI is very impressive and clean (even cleaner and minimalistic in v7).
• JobQueueInfo does an amazing job tracking all processes.
• Synchronizations are easy to set up.
• Reporting capabilities are fantastic once you get the hang of using Report Editor.
• WebDesigner allows a lot of customizations to be added to the web project.
• Schema and table names are very logical. It is very easy to find something in the database just because of the fact that the naming convention in the schema is very logical and consistent.
• It's a feature-rich product: a suite of very powerful tools with a lot of functionalities once you get the knack of them.

View full review »

• GUI
• Reporting capabilities

View full review »