We just raised a $30M Series A: Read our story

Top 8 Customer Identity and Access Management Tools

ForgeRockAuth0Omada IdentityFronteggWSO2 Identity ServerOkta Customer IdentitySalesforce IdentitySAP Customer Identity and Access Management
  1. leader badge
    The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users.
  2. The most important thing for me is compliance. Everything that they have developed in Auth0 is already certified by many regulators such as ISO. So, we do not need to take care of that. We have the shared responsibility model to share assets with other products we are using in the cloud.
  3. Find out what your peers are saying about ForgeRock, Auth0, Omada and others in Customer Identity and Access Management. Updated: October 2021.
    542,721 professionals have used our research since 2012.
  4. The Governance and self-service that can be set up so you can use them yourself to work in the system are the most valuable features. End users can be enabled to help themselves.
  5. It has Audit Log and many cool features that if we were to develop them by ourselves, it would require a lot of research and development resources. Frontegg gives us everything we need to ensure that our customers have a safe and reliable authentication system in which they can also manage some of the features and roles by themself which gives them more control over their environment.
  6. Some of the valuable features of the solution are the easy integration with processes, such as Single Sign-On. Overall WSO2 is straightforward and does not need customization.
  7. The solution has great multifactor authentication.I think all the functions of the solution are vital and important because life cycle management is important for some companies. The Single Sign-On feature is fantastic for different customers and advanced server access is really good for access to the servers.
  8. report
    Use our free recommendation engine to learn which Customer Identity and Access Management solutions are best for your needs.
    542,721 professionals have used our research since 2012.
  9. The user experience was great because it had all the features that the client needed. It was fully customized for the client, and it was very simple. It was the best solution at that time.
  10. The most valuable aspect of the product is the provisioning of a lot of SAP systems. It offers automated provisioning.

Advice From The Community

Read answers to top Customer Identity and Access Management questions. 542,721 professionals have gotten help from our community of experts.
Amimesh Anand
Hi community, Our client is looking for risk elimination but doesn't want IdAM to be implemented? How can we convince the client to choose IdAM? What approach would you use? Also, which tool can be embedded along with IdAM to make security more efficient and more versatile?
author avatarSamuel Paul
Real User

Hi @Amimesh Anand,

It seems to be important first to analyse the current situation of your client. Because you can easily highlight main topics to talk about security.

By the way, you can have 2 different approaches, according to the Identities stuff and Roles subjects.

Identities - to guarantee a unique identity to everyone, a manager for everyone, no orphan accounts, accounts are automatically activated/deactivated on the due date, etc.

Role - to be sure everyone is granted (when they need) specific roles and roles are removed when it is not necessary anymore. Without role management, it is not possible to easily manage it, except if there are 6 employees in the company.

Those are a couple of examples but the list is quite long, actually.

author avatarBharat Halai, CISSP
Real User

It all depends on the risks but just look at Maersk - NotPetya and other cyber incidents. 

Prevention is so much better than cure! Trust me - it is one year of my life - I will never get back.

author avatarJay Bretzmann
Real User

What's the issue, expense?  How does one eliminate risk if they can't positively identify who's logging into the network?  Depending upon the devices (endpoints) in use, I'd recommend steering them toward a push MFA solution (Duo is an example).  A lot of companies will add simple SMS OTP or those annoying six-digit codes sent to your phone, and while it's better than nothing, the SS7 protocol is susceptible to Man-in-the-middle attacks.  

If you need some backup material, go download Verizon's DBIR. The #1 attack vector for years running is identity compromise or credential theft.

author avatarCaseyWhitcher

I think in your initial interview, and evaluation with the client, the necessity will answer for itself.  

What is your normal process for adding a new user? what is your normal process for terminating a user from your system? How much time does that take? How much does that cost? How do you know if you have orphaned accounts?  is it important for you to know who has access to what systems? if so, how do you know that answer? Is it important for you to know who has certain roles in certain applications? If so how do you determine that?  

This is really more of a sales question than a tech question if you want to get a positive response, throwing tech at them will just give them room to debate, or dig their heels in, find out what their problems are, find out how to help them, let them tell you their problems or processes, and you show them how to solve them they will be asking you for the solution, you won't have to recommend it. 

author avatarEnrique Leon, CISA
Real User

So we do not give you a textbook answer that may or may not apply. 

Can you help us answer your question by providing a bit of details about the organization? To help guide any customer, understanding their current environment is imperative. For example:  how big is the IT dept, the company? what industry are they in? what workloads are they running? what infrastructure? etc.  

Not too crazy details, but basics.

Evgeny Belenky
Dear IT Central Station community, What advice can you share with the community (especially with enterprise users) on Password Day 2021? Thanks, IT Central Station Community Team
author avatarSylvain Déjardin
Real User


As requested by Evgeny, my 2 cents.

Nowadays "Password" are still needed. They should be kept in a vault in order to copy/paste them with some kind of security feeling. Mandatory in IT with compliancies and good thing at home.

Tomorrow maybe endusers would have a "security device" to protect their access and share their controlled identity through unique Authentification service. (Because SMS and OTP are not so secure)

Today only few public website use security device.

But more and more company use them at least to secure each employee vault like Big 4 IT/Compagnies

Kind Regards

author avatarreviewer1324719 (PAM Architect at a tech services company with 11-50 employees)
Real User

The very question is endemic of the problem associated with passwords. A day devoted to password considerations. Tomorrow they will be long forgotten. As I see it, there are a few levels of considerations to be included in this question:

  1. Personally related

    1. Banks

    2. Brokerages

    3. Utilities

    4. Commercial credit cards

  2. Private Memberships

    1. Organization memberships

    2. Financial responsibilities

    3. Membership Roles & Access

  3. Professional

    1. Internal organizational

      1. Email

      2. SharePoint

      3. Workday

    2. Client based

      1. VPN

      2. Access oriented (Systems, applications, resources)

Most personal users use the same password for ALL their connections. Worse, many users cache and remember these connections in their browsers. This is the #1 area I would suggest addressing to have the greatest positive impact for Home User scenarios.

A good password with length and complexity is the start, followed by having a password vault, with Norton Password Safe being my favorite, but Pwsafe and KeePass are good candidates for storage of many complex passwords.

Apply these principles personally and professionally.

Find out what your peers are saying about ForgeRock, Auth0, Omada and others in Customer Identity and Access Management. Updated: October 2021.
542,721 professionals have used our research since 2012.