What needs improvement with Oracle Access Manager?

For scalability, Oracle Access Manager demonstrates a high level due to high availability and scalability with redundant nodes to load balance across multiple nodes for Oracle Access Manager and Oracle Internet Directory to distribute the load. Oracle Access Manager is not very suitable or too heavy for cloud-native environments and needs more customization and configuration compared to authorization servers such as Keycloak or WSO2 Identity Server.

There is always room for improvement with emerging technology and emerging threats. Hackers are bypassing MFA and passwords. There is always room for improvement for every product. This is applicable for every product in Access Management, including Oracle Access Manager, ForgeRock, Okta, and IBM Access Manager. They have to keep their guards up constantly because nowadays with AI, there are different threats emerging. The best thing about Oracle is that they always provide regular packages and security feature updates through their service.

When integrating non-Oracle products with Oracle Access Manager, the process can be quite different and tricky compared to integrating Oracle applications. I suggest Oracle make the integration process for non-Oracle applications as straightforward and easy as it is for Oracle applications.

To improve Oracle Access Manager, they should consider integrating more policies and enhancing automation, especially in managing server load and cache cleanup. Enhancements in automation would ease management, particularly during unexpected server overloads. Adding these features would significantly improve efficiency and user experience.

Based on my experience and client feedback, there are a few areas where Oracle Access Manager could improve. The user interface is a bit complicated and could be made more lightweight. Simplifying the installation process, perhaps through a VDAR-based installation, would also be beneficial. Regarding additional functionality, it would be great if Oracle Access Manager could incorporate consumer identity and access management features, such as progressive profiling and User Managed Access (UMA). Improving latency and creating a more graphical user journey would also enhance the overall user experience.

The product must improve multi-factor authentication. Multi-factor authentication requires a lot of processes and technicalities. It also involves a lot of costs.

The solution's lifecycle management is troublesome. Also, another area of issue in the solution is the part involving documentation of certain features. So, there are a lot of undocumented features in the solution or badly documented features, which are built-in into the solution later for special use cases. The base configuration of the solution is not very complex, especially once a person knows how to do it. But then, if one wants special options, they are poorly documented.

The performance of Oracle Access Manager could be improved. My company had some issues accessing it in terms of setup and configuration. It should be quick to install, but it wasn't, so this is another area for improvement. The Oracle Access Manager console also has room for improvement because it's slow, so configuration and user management takes a lot of time. Configuring policies and blocking and unblocking URLs take time, so the user experience for Oracle Access Manager isn't as great.

Sometimes if a session takes too long, you have to log in again. Instead of it giving you an explicit error or an explicit message that the session was expired, you need to log in again. It takes you to a certain empty page where you see the Access Manager. It does not give you help. It would be ideal if they could prompt a more user-friendly message so that someone knows that they have timed out in the session if it was idle. That is the main area out for improvement. The rest is fine. It has a complex setup. The user interface could be a bit better.

In the next release, they should focus more on use cases related to customer access management, customer identity, and access management.

There could be some improvements in the documentation and overall knowledge base of the solution.

The initial implementation can definitely be improved because you have to work on several components to configure it correctly. Nowadays, most of the solutions are a few clicks before they are installed and then configured. Technical support needs improvement, they could be 200% better. The reason that most people are having problems is because of the support they provide. It's very difficult to engage with them or to get the answers to your queries. The turnaround time is very slow. It needs to be faster. In the next release, I would like to see the integration with non-Microsoft products as well. It takes a lot of time to integrate it with non-Oracle products. If you have an Oracle ecosystem then you can integrate it, but if it is Microsoft SQL or any other databases that are being used then it is not interoperable. It works but it takes time. I would like to see if they can easily integrate with other technologies.

I think two aspects of this product can be improved. The first is that the product overly complex to install and configure. The second is the reliability of the product. It was not very stable and dependable during the period of our experience with it. We definitely had some problems with the stability of the product. Specifically, I remember we had some performance problems due to coherence issues and also problems related to the database. It seems that Oracle Access Manager makes use of a database to store configurations and the session information. In practice, this did not work very well and was resource-intensive. I don't remember exactly everything about the situation right now, but the resources were not being used well and that was the main issue with the product performance and lack of stability. It is difficult to consider the potential for additional features the product might need because the product already has all the features that we needed to fulfill our customer's requirements for the product. So we do not actually need any additional features in particular in order to satisfy our use case. There is the possibility that there could be an addition of some type of risk analysis or adaptive authentication based on risk analysis. But if I'm not mistaken, Oracle already has a separate solution called Oracle Adaptive Access Manager that provides this functionality. It is a feature in another product that is a separate solution — which also means a separate licensing cost. Maybe that is already how they want to pose this as a solution: you install the Oracle Adaptive Manager as a separate product and you integrate both of them. It is just adding another level of complexity and cost. I have not used Oracle Adaptive Access Manager, so I cannot say much about it. But risk analysis is a trending topic in web access management products these days.

The pricing of the solution is in need of improvement. Oracle products are very expensive. The customization is good, but it could be better still. The documentation needs to be improved. It should offer much more detail than what is currently available.

The mobile access to the solution isn't ideal. They should work to improve its functionality.

It's difficult to say how this solution can be improved since I have been using it for one month. Maybe the user interface needs improvement. However, it's easy to navigate and the process is clearly shown, I don't see much that needs improvement.

The product could be improved by simplifying changing the master password. That is, if you change a password in one place it would be good to automate changing the password for all the gateways so that change is less complicated.