# Best User Provisioning and Governance Tools *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)* User provisioning and governance tools gives a single point of maintenance to manage user access to IT applications. Companies need identity governance and administration (IGA) programs to maintain organized records of user information such as personal information, account histories, or application credentials. These confidential records can be used by employees and administrators to retain information and regulations. IT managers and administrators use the information in these systems to automate tasks such as account creation, editing, or deleting, which can help facilitate employee lifecycle changes like onboarding, promotions, or termination. Human resource workers may utilize the databases as well to aggregate information about employees and monitor access requests. There is significant overlap between user provisioning software and cloud identity and access management. Many products function on a hybrid on­-premise and cloud level, but user provisioning and governance software solutions may not be able to provide remote access. These products will also often integrate with or provide SSO/federation or [password management](https://www.g2.com/categories/password-manager) capabilities. To qualify as user provisioning and governance solution, a product must: - Possess infrastructure to store and access identity information - Provide administrator tools to create access requirements - Automate processes related to identity administration - Provide security or authentication features to protect sensitive information ## Category Overview **Total Products under this Category:** 189 ## Trust & Credibility Stats **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 13,900+ Authentic Reviews - 189+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Best User Provisioning and Governance Tools At A Glance - **Leader:** [Okta](https://www.g2.com/products/okta/reviews) - **Highest Performer:** [CoreView](https://www.g2.com/products/coreview/reviews) - **Easiest to Use:** [Okta](https://www.g2.com/products/okta/reviews) - **Top Trending:** [Rippling IT](https://www.g2.com/products/rippling-it/reviews) - **Best Free Software:** [JumpCloud](https://www.g2.com/products/jumpcloud/reviews) --- **Sponsored** ### Hire2Retire RoboMQ’s Hire2Retire is a comprehensive workforce lifecycle management solution that manages the entire JML lifecycle events, such as hiring, department transfers, terminations, and long-term leaves. It is an Identity and Access Management platform that synchronizes HR with IT infrastructure, including Active Directory(AD), Okta, and Google Workspace. Hire2Retire enables organisations to effectively manage employee access and privileges throughout their work cycle. 
 Hire2Retire integrates with 27 HR and ATS systems, identity providers (IdP) like Active Directory, Entra ID, Okta, and Google Workspace, along with 10+ leading Service Management platforms like ServiceNow, Salesforce, SolarWinds, and FreshService. Hire2Retire has 100’s of connectors to auto-provision access to third-party applications based on profile-driven employee privileges. Hire2Retire benefits mid to large fast-growing enterprises that face challenges in manual workforce lifecycle management. Traditional onboarding and offboarding processes can be tedious, slow, and error-prone, leading to security and compliance risks. It can also lead to poor employee experience and wasted costs and resources. Hire2Retire, by enabling onboarding and offboarding automation, ensures businesses spend less time in workforce lifecycle management and more time in strategic initiatives. Customers prefer the Hire2Retire workforce lifecycle management and identity provisioning solution from RoboMQ for: - Significant reduction in cost through elimination of tedious and repetitive tasks of costly sysadmin resources - Better new hire experience by providing a superior “First Day at Work” experience. It ensures that employee email, AD profile, and role-based access to systems and tools are in place when the new hire walks in - Manages and controls access and privileges to systems and data based on employee roles - Prevents security and reputation risks by ensuring timely removal of access on termination and change of roles [Visit company website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=paid_promo&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=255&secure%5Bmedium%5D=sponsored&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=168476&secure%5Bresource_id%5D=255&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fuser-provisioning-and-governance-tools&secure%5Btoken%5D=a79c93b989a00b82bb68f2a66b8495f2bcc57b65771fb6b53a85792a2bc52ef3&secure%5Burl%5D=https%3A%2F%2Fwww.robomq.io%2Fproducts%2Fhire2retire%2F&secure%5Burl_type%5D=paid_promos) --- ## Top-Rated Products (Ranked by G2 Score) ### 1. [Okta](https://www.g2.com/products/okta/reviews) Okta, Inc. is The World’s Identity Company™. We secure AI, machine, and human identity so everyone is free to safely use any technology. Our customer and workforce solutions empower businesses and developers to protect their AI agents, users, employees, and partners while driving security, efficiencies, and innovation. Learn why the world’s leading brands trust Okta for authentication, authorization, and more at okta.com. **Average Rating:** 4.5/5.0 **Total Reviews:** 1,183 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.0/10) - **Mobile App:** 8.9/10 (Category avg: 7.5/10) - **APIs:** 9.1/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 9.0/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Okta](https://www.g2.com/sellers/okta) - **Company Website:** https://okta.com - **Year Founded:** 2009 - **HQ Location:** San Francisco, California - **Twitter:** @okta (42,719 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/926041/ (7,230 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Software Engineer, Account Executive - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 50% Mid-Market, 39% Enterprise #### Pros & Cons **Pros:** - Ease of Use (207 reviews) - Security (158 reviews) - Authentication Security (153 reviews) - Single Sign-On (143 reviews) - Easy Access (140 reviews) **Cons:** - Authentication Issues (77 reviews) - Login Issues (64 reviews) - Expensive (46 reviews) - Complex Setup (44 reviews) - Frequent Authentication (39 reviews) ### 2. [JumpCloud](https://www.g2.com/products/jumpcloud/reviews) JumpCloud® delivers a unified identity, device, and access management platform that makes it easy to securely manage identities, devices, and access across your organization. With JumpCloud, IT teams and MSPs enable users to work securely from anywhere and manage their Windows, Apple, Linux, and Android devices from a single platform. **Average Rating:** 4.5/5.0 **Total Reviews:** 3,805 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10) - **Mobile App:** 7.4/10 (Category avg: 7.5/10) - **APIs:** 8.3/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [JumpCloud Inc.](https://www.g2.com/sellers/jumpcloud-inc) - **Company Website:** https://jumpcloud.com/ - **Year Founded:** 2012 - **HQ Location:** Louisville, CO - **Twitter:** @JumpCloud (36,489 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/jumpcloud/ (959 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** IT Manager, System Administrator - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 53% Mid-Market, 36% Small-Business #### Pros & Cons **Pros:** - Ease of Use (881 reviews) - Device Management (664 reviews) - Security (519 reviews) - Integrations (482 reviews) - Features (431 reviews) **Cons:** - Missing Features (382 reviews) - Improvement Needed (301 reviews) - Limited Features (235 reviews) - Limitations (177 reviews) - Learning Curve (156 reviews) ### 3. [Microsoft Entra ID](https://www.g2.com/products/microsoft-entra-id/reviews) Entra ID is a complete identity and access management solution with integrated security that connects people to their apps, devices, and data and helps protect from identity compromise. With Entra ID, you get: • Secure adaptive access with multi-factor authentication and Conditional Access policies • Seamless user experience with single sign-on, passwordless and user portal • Unified identity management that connect all internal and external users to all apps and devices. • Simplified Identity Governance with provisioning, access packages, and access reviews. Microsoft Entra is our new product family that encompasses all of Microsoft’s identity and access capabilities. The Entra family includes Microsoft Entra ID, as well as two new product categories: Cloud Infrastructure Entitlement Management (CIEM) and decentralized identity. The products in the Entra family will help provide secure access to everything for everyone, by providing identity and access management, cloud infrastructure entitlement management, and identity verification. **Average Rating:** 4.5/5.0 **Total Reviews:** 863 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10) - **Mobile App:** 8.4/10 (Category avg: 7.5/10) - **APIs:** 8.9/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.7/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft) - **Year Founded:** 1975 - **HQ Location:** Redmond, Washington - **Twitter:** @microsoft (13,105,844 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®) - **Ownership:** MSFT **Reviewer Demographics:** - **Who Uses This:** Software Engineer, System Engineer - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 39% Mid-Market, 36% Enterprise #### Pros & Cons **Pros:** - Ease of Use (129 reviews) - Security (122 reviews) - Single Sign-On (90 reviews) - Identity Management (89 reviews) - Integrations (80 reviews) **Cons:** - Complexity (56 reviews) - Expensive (53 reviews) - Complex Administration (42 reviews) - Difficult Learning (38 reviews) - Complex Setup (37 reviews) ### 4. [1Password](https://www.g2.com/products/1password/reviews) The Most Used Enterprise Password Manager, trusted by over 180,00 businesses, 1Password helps improve security, visibility and control over how their passwords and company data are protected. Secure every sign-in by integrating 1Password with your existing IAM infrastructure. Enforce strong, integrated security policies at scale, be proactive about cybersecurity threats to reduce risk, and quickly and easily generate detailed reports on password security posture. **Average Rating:** 4.6/5.0 **Total Reviews:** 1,728 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10) - **Mobile App:** 9.0/10 (Category avg: 7.5/10) - **APIs:** 8.3/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 9.2/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [1Password](https://www.g2.com/sellers/1password) - **Company Website:** https://1password.com/ - **Year Founded:** 2005 - **HQ Location:** Ontario - **Twitter:** @1Password (139,662 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1password/ (2,911 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Software Engineer, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 55% Small-Business, 32% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (333 reviews) - Security (271 reviews) - Password Management (182 reviews) - Intuitive (144 reviews) - Easy Access (134 reviews) **Cons:** - Password Management (95 reviews) - Expensive (91 reviews) - Login Issues (69 reviews) - Autofill Issues (64 reviews) - Cost (60 reviews) ### 5. [Rippling IT](https://www.g2.com/products/rippling-it/reviews) Transform your organization’s IT operations with Rippling’s unified platform for identity, device, access, and security management. Centralize every IT workflow, from provisioning apps and laptops to enforcing security policies, in a single dashboard. Seamlessly manage the entire employee lifecycle, automatically granting and revoking app access, configuring devices, and maintaining least-privilege controls. Enforce compliance with real-time monitoring, automated patching, and integrated endpoint protection. Streamline offboarding with instant lockouts and secure device recovery. Gain full visibility across hardware, software, and user risk without the complexity of multiple tools. Rippling helps your business cut costs, eliminate manual work, and strengthen security, so your team can move faster. Experience the power of unified IT management with Rippling today. **Average Rating:** 4.7/5.0 **Total Reviews:** 1,007 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.9/10 (Category avg: 9.0/10) - **Mobile App:** 7.9/10 (Category avg: 7.5/10) - **APIs:** 8.7/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.8/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Rippling](https://www.g2.com/sellers/rippling) - **Company Website:** https://www.rippling.com - **Year Founded:** 2016 - **HQ Location:** San Francisco, CA - **Twitter:** @Rippling (12,082 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/17988315/ (6,941 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Software Engineer, CEO - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 60% Mid-Market, 27% Small-Business #### Pros & Cons **Pros:** - Ease of Use (670 reviews) - Intuitive (467 reviews) - Simple (413 reviews) - Easy Access (374 reviews) - User Interface (361 reviews) **Cons:** - Missing Features (165 reviews) - Limited Features (112 reviews) - Improvement Needed (89 reviews) - Learning Curve (75 reviews) - Poor Customer Support (73 reviews) ### 6. [CyberArk Workforce Identity](https://www.g2.com/products/cyberark-workforce-identity/reviews) CyberArk Identity Overview CyberArk Identity is a SaaS-delivered suite of solutions designed to simplify identity and access management in enterprises. CyberArk Identity unifies Workforce Access and Identity Management solutions in a single offering. Workforce Access capabilities include single sign-on, multi-factor authentication, session security, and credential management. Identity Management capabilities include lifecycle management, identity orchestration, and identity governance. With CyberArk Identity, organizations can secure workforce access to applications, endpoints, and infrastructure and protect themselves from the leading cause of data breaches – compromised credentials. CyberArk Identity is part of the CyberArk Identity Security Platform. Built for the dynamic enterprise, CyberArk Identity Security Platform secures access for any identity to any resource or environment from anywhere using any device. The CyberArk Identity Security Platform enables operational efficiencies with a single admin portal, streamlines meeting compliance requirements with unified audit capabilities, and delivers Identity Security Intelligence for continuous identity threat detection and protection. Workforce Access solutions: • CyberArk Single Sign-On (SSO) is an easy-to-manage solution for one-click access to your cloud, mobile, and legacy apps. CyberArk SSO enables a secure and frictionless sign-in experience for both internal and external users that adjusts based on risk. • CyberArk App Gateway is an add-on to our Single Sign-On solution that enables VPN-less access to legacy applications. It allows companies to set up per-application, per-user access to individual legacy applications hosted on-premises. • CyberArk Adaptive Multi-Factor Authentication (MFA) helps strengthen security and prevent attacks involving compromised credentials by requiring users to present multiple forms of evidence to gain access to your applications. Unlike traditional MFA solutions, CyberArk Adaptive MFA uses AI-powered behavioral analytics and contextual information to determine which authentication factors to apply to a particular user in a specific situation. • CyberArk Secure Web Sessions is a cloud-based service that enables organizations to monitor, record, and audit end-user activity within high-risk and high-value web applications. Security and compliance specialists can use Secure Web Sessions to search recorded sessions using free text input and quickly filter events by users, dates, and actions. • CyberArk Workforce Password Management is an enterprise-focused password manager providing a user-friendly solution to store business application credentials in a centralized vault and securely share them with other users in the organization. Identity Management Services: • CyberArk Identity Lifecycle Management provides an easy way to route application access requests, create application accounts, manage entitlements for those accounts, and revoke access when necessary. • CyberArk Identity Flows is an identity orchestration solution that improves security, efficiency, and productivity by automating identity data and events. With Identity Flows, organizations can orchestrate complex identity management processes and synchronize identity data across diverse applications, directory stores, and repositories. • CyberArk Identity Compliance solution continuously discovers access, streamlines access certifications, and provides comprehensive identity analytics. Identity Compliance automates manually intensive, error-prone administrative processes, ensuring all workforce and privileged access rights are properly assigned and continually certified across enterprises. **Average Rating:** 4.5/5.0 **Total Reviews:** 125 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10) - **Mobile App:** 6.9/10 (Category avg: 7.5/10) - **APIs:** 7.7/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [CyberArk](https://www.g2.com/sellers/cyberark) - **Year Founded:** 1999 - **HQ Location:** Newton, MA - **Twitter:** @CyberArk (17,740 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/26630/ (5,022 employees on LinkedIn®) - **Ownership:** NASDAQ:CYBR **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 49% Enterprise, 49% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (14 reviews) - Access Management (6 reviews) - Intuitive (6 reviews) - Customer Support (5 reviews) - Access Control (4 reviews) **Cons:** - Missing Features (4 reviews) - Integration Issues (2 reviews) - Lack of Automation (2 reviews) - Lack of Features (2 reviews) - Browser Extension Issues (1 reviews) ### 7. [SailPoint](https://www.g2.com/products/sailpoint/reviews) SailPoint is the leader in identity security for the modern enterprise. Harnessing the power of AI and machine learning, SailPoint automates the management and control of access, delivering only the required access to the right identities and technology resources at the right time. Our sophisticated identity platform seamlessly integrates with existing systems and workflows, providing the singular view into all identities and their access. We meet customers where they are with an intelligent identity solution that matches the scale, velocity and environmental needs of the modern enterprise. SailPoint empowers the most complex enterprises worldwide to build a security foundation grounded in identity security. **Average Rating:** 4.5/5.0 **Total Reviews:** 168 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.7/10 (Category avg: 9.0/10) - **Mobile App:** 5.9/10 (Category avg: 7.5/10) - **APIs:** 7.4/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 7.9/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [SailPoint](https://www.g2.com/sellers/sailpoint) - **Company Website:** https://www.sailpoint.com - **Year Founded:** 2004 - **HQ Location:** Austin, TX - **Twitter:** @SailPoint (15,045 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/47456/ (3,441 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Software Engineer - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 76% Enterprise, 18% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (36 reviews) - Features (30 reviews) - Security (24 reviews) - Identity Management (21 reviews) - Integrations (21 reviews) **Cons:** - Improvement Needed (17 reviews) - Poor Customer Support (16 reviews) - Missing Features (14 reviews) - Expensive (12 reviews) - Difficult Learning (11 reviews) ### 8. [AvePoint Confidence Platform](https://www.g2.com/products/avepoint-confidence-platform/reviews) AvePoint is the global leader in data protection, unifying data security, governance, and resilience to provide a trusted foundation for AI. More than 28,000 customers rely on the AvePoint Confidence Platform to secure, govern, and rapidly recover data across Microsoft, Google, Salesforce, and other cloud environments. With a single platform for lifecycle control, multicloud governance, and rapid recovery paired with clear ownership across the business, we prevent overexposure and sprawl, modernize legacy and fragmented data, and minimize data loss and interruption. Our global partner ecosystem includes approximately 6,000 MSPs, VARs, and SIs, and our solutions are available in over 100 cloud marketplaces. To learn more, visit www.avepoint.com. **Average Rating:** 4.5/5.0 **Total Reviews:** 115 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10) - **Mobile App:** 10.0/10 (Category avg: 7.5/10) - **APIs:** 10.0/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.3/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [AvePoint](https://www.g2.com/sellers/avepoint) - **Company Website:** https://www.avepoint.com/ - **Year Founded:** 2001 - **HQ Location:** Jersey City, NJ - **Twitter:** @AvePoint (9,770 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/46024/ (2,485 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 42% Mid-Market, 28% Small-Business #### Pros & Cons **Pros:** - Ease of Use (64 reviews) - Cloud Backup (29 reviews) - Backup Frequency (25 reviews) - Security (25 reviews) - Easy Setup (22 reviews) **Cons:** - Expensive (12 reviews) - Backup Issues (10 reviews) - Poor Customer Support (9 reviews) - Slow Performance (9 reviews) - Technical Issues (9 reviews) ### 9. [BetterCloud](https://www.g2.com/products/bettercloud/reviews) BetterCloud is a comprehensive SaaS management platform designed to assist IT teams in effectively managing and optimizing their software-as-a-service (SaaS) applications. This solution focuses on automating essential processes such as onboarding, offboarding, mid-lifecycle changes, give you greater control and insight into your SaaS apps, thousands of forward-thinking organizations rely on BetterCloud to transform employee experience, optimize software spend, and strengthen overall security. By leveraging BetterCloud, organizations can significantly reduce the manual workload associated with SaaS management, achieving up to a 78% reduction in operational tasks. Targeted primarily at IT departments and SaaS operations teams, BetterCloud addresses the challenges faced by organizations that utilize multiple SaaS applications. As businesses increasingly adopt cloud-based solutions, the complexity of managing user access, security policies, and application lifecycles grows. BetterCloud provides a centralized platform that streamlines these processes, ensuring that IT teams can maintain control and compliance while enhancing overall operational efficiency. Key features of BetterCloud include automated user lifecycle management, which simplifies the onboarding and offboarding of employees, ensuring that access rights are promptly granted or revoked as needed. Additionally, the platform offers robust security policy management, allowing organizations to enforce compliance and protect sensitive data across their SaaS ecosystem. BetterCloud also supports mid-lifecycle changes, enabling IT teams to adapt user access as roles and responsibilities evolve within the organization. The benefits of using BetterCloud extend beyond mere automation. By reducing the time spent on repetitive tasks, IT teams can focus on strategic initiatives that drive business growth and innovation. Furthermore, the platform's ability to provide insights into application usage and security posture empowers organizations to make informed decisions about their SaaS investments. With a strong reputation in the industry, backed by over a decade of experience and recognition from leading analyst firms, BetterCloud stands out as a trusted partner for organizations looking to optimize their SaaS operations. In summary, BetterCloud is not just a tool for managing SaaS applications; it is a strategic solution that transforms the way organizations handle their cloud-based software. By automating critical processes and providing valuable insights, BetterCloud enables IT teams to enhance productivity, improve security, and ultimately drive better business outcomes in a rapidly evolving digital landscape. **Average Rating:** 4.4/5.0 **Total Reviews:** 471 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.0/10) - **Mobile App:** 6.0/10 (Category avg: 7.5/10) - **APIs:** 8.1/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 7.8/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [CORESTACK](https://www.g2.com/sellers/corestack) - **Company Website:** https://www.corestack.io/ - **Year Founded:** 2016 - **HQ Location:** Bellevue, WA - **Twitter:** @corestack (1,020 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/corestack (208 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** IT Manager, Systems Administrator - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 60% Mid-Market, 28% Enterprise #### Pros & Cons **Pros:** - Automation (47 reviews) - Ease of Use (42 reviews) - Onboarding (31 reviews) - Time-saving (27 reviews) - Offboarding Process (25 reviews) **Cons:** - Limited Features (28 reviews) - Integration Issues (21 reviews) - Missing Features (19 reviews) - Access Limitations (13 reviews) - Lacking Features (13 reviews) ### 10. [Saviynt](https://www.g2.com/products/saviynt-saviynt/reviews) Saviynt helps organizations transform their organization with identity security. Our AI-first platform enables enterprises to secure every identity — human, non-human, and AI — within any application and in any environment. With Saviynt, organizations strengthen their identity security posture, streamline operations, and ensure that every user has the right access at the right time. The Saviynt Identity Platform unifies identity governance (IGA), application access, cloud security, and privileged account management into a single, end-to-end platform. And, with our AI-powered recommendation engine, application onboarding, and more, users are empowered to make faster, smarter, data-driven decisions. In turn, organizations enjoy lower risk, complete visibility and governance, reduced total cost of ownership, and much more throughout their entire identity security program. **Average Rating:** 4.4/5.0 **Total Reviews:** 77 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.0/10 (Category avg: 9.0/10) - **Mobile App:** 5.9/10 (Category avg: 7.5/10) - **APIs:** 7.6/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.1/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Saviynt](https://www.g2.com/sellers/saviynt) - **Company Website:** https://www.saviynt.com - **Year Founded:** 2010 - **HQ Location:** El Segundo, US - **Twitter:** @saviynt (1,233 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/saviynt (1,579 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Oil & Energy - **Company Size:** 80% Enterprise, 5% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (29 reviews) - Features (23 reviews) - Easy Setup (13 reviews) - Customer Support (11 reviews) - Integrations (11 reviews) **Cons:** - Difficult Learning (9 reviews) - Lack of Features (9 reviews) - Limited Features (9 reviews) - Poor Interface Design (9 reviews) - Complexity (8 reviews) ### 11. [SAP Access Control](https://www.g2.com/products/sap-access-control/reviews) SAP Access Control is a comprehensive solution designed to help organizations manage and enforce user access policies across SAP and third-party systems. By automating user provisioning, conducting real-time risk analyses, and ensuring compliance with regulatory requirements, it enables businesses to grant employees the necessary applications and services without exposing sensitive data and processes to unauthorized use. Key Features and Functionality: - Access Risk Analysis: Identifies and remediates violations of segregation of duties and critical access through embedded risk analysis, ensuring that no single user can perform conflicting tasks that could lead to fraud or errors. - User Access Management: Automates user access assignments across SAP and third-party systems, streamlining the provisioning and deprovisioning processes while maintaining compliance. - Role-Based Access Control: Defines and maintains compliance roles in business-friendly terms, allowing organizations to standardize and streamline the role creation and maintenance process. - Regular Reviews: Conducts periodic user-access reviews to ensure compliance with segregation of duties rules and other access policies, facilitating continuous compliance monitoring. - Emergency Access Management: Grants temporary super-user status with "firefighter" login IDs in a controlled, auditable environment, allowing for emergency access without compromising security. Primary Value and Problem Solved: SAP Access Control addresses the critical need for secure and compliant user access management within organizations. By automating access provisioning, enforcing compliance checks, and providing tools for risk analysis and mitigation, it helps businesses prevent unauthorized access, reduce the risk of fraud, and ensure adherence to regulatory requirements. This comprehensive approach not only enhances security but also improves operational efficiency by reducing the administrative burden associated with manual access management processes. **Average Rating:** 4.5/5.0 **Total Reviews:** 30 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.0/10 (Category avg: 9.0/10) - **Mobile App:** 3.3/10 (Category avg: 7.5/10) - **APIs:** 5.0/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 5.0/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [SAP](https://www.g2.com/sellers/sap) - **Year Founded:** 1972 - **HQ Location:** Walldorf - **Twitter:** @SAP (297,227 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/sap/ (141,341 employees on LinkedIn®) - **Ownership:** NYSE:SAP **Reviewer Demographics:** - **Company Size:** 45% Mid-Market, 42% Enterprise #### Pros & Cons **Pros:** - Customer Management (3 reviews) - Data Management (3 reviews) - Ease of Use (2 reviews) - Features (2 reviews) - Integrations (2 reviews) **Cons:** - Complexity (3 reviews) - Complexity Issues (3 reviews) - Complex Setup (2 reviews) - Lack of Customization (2 reviews) - Learning Curve (2 reviews) ### 12. [Auth0](https://www.g2.com/products/auth0/reviews) Auth0 takes a modern approach to Identity, providing secure access to any application, for any user. Safeguarding billions of login transactions each month, Auth0 delivers convenience, privacy, and security so customers can focus on innovation. Auth0 is part of Okta, The World’s Identity Company™. Auth0 lets you quickly integrate authentication and authorization for web, mobile, and legacy applications, with new Fine Grained Authorization (FGA) that goes beyond role-based access control. Authenticate users across all applications with a customized, secure, and standards-based single login. Universal Login connects users to a central authorization server. Credentials aren’t transferred across sources, which boosts security and protects against phishing and credential stuffing attacks. OAuth 2.0 recommends that only external user agents (like the browser) be used by native applications for authentication flows. Auth0’s Universal Login achieves this while also enabling SSO. **Average Rating:** 4.3/5.0 **Total Reviews:** 250 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.0/10) - **Mobile App:** 8.3/10 (Category avg: 7.5/10) - **APIs:** 8.9/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Okta](https://www.g2.com/sellers/okta) - **Company Website:** https://okta.com - **Year Founded:** 2009 - **HQ Location:** San Francisco, California - **Twitter:** @okta (42,719 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/926041/ (7,230 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Software Engineer, Software Developer - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 48% Small-Business, 30% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (54 reviews) - Security (47 reviews) - Authentication (39 reviews) - Integrations (34 reviews) - Easy Integrations (33 reviews) **Cons:** - Expensive (27 reviews) - Cost (20 reviews) - Expensive Pricing (17 reviews) - Difficult Learning (15 reviews) - Complexity (12 reviews) ### 13. [Fastpath](https://www.g2.com/products/fastpath/reviews) Fastpath is a cloud-based access orchestration platform. It allows organizations to manage and automate the processes around access governance and security, quickly and efficiently. Customizable, quick to implement and deploy means you get value right away. And it works with all major enterprise software in multi-site, multi-application environments. Fastpath helps to identify, quantify and manage data access risk, so you can be confident that the right people are accessing the right information for the right reasons. Make informed strategic business decisions confidently, knowing your organization is secure and compliant. **Unrivalled Integrations** Fastpath integrates out-of-the-box, working across multi-application environments and custom-made software to deliver insight into your security risks. **Rapid Time to Value** We’re easy to implement and quick to deploy, and with no expensive customization required, you can immediately reap ROI. **Frictionless Automation** Effortlessly automate processes like onboarding, testing and proving controls to continuously identify, quantify, and eliminate risk. **Improved Efficiency** Ease of use and out-of-the-box content allow security teams to get up to speed fast, focus on what matters, and save valuable time. **Average Rating:** 4.7/5.0 **Total Reviews:** 106 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.6/10 (Category avg: 9.0/10) - **Mobile App:** 6.4/10 (Category avg: 7.5/10) - **APIs:** 8.0/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.3/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Delinea](https://www.g2.com/sellers/delinea) - **Year Founded:** 2004 - **HQ Location:** San Francisco - **Twitter:** @DelineaInc (885 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/delinea/ (1,232 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 55% Enterprise, 43% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (20 reviews) - Customer Support (18 reviews) - Helpful (10 reviews) - Reporting (10 reviews) - Reporting Features (10 reviews) **Cons:** - Missing Features (6 reviews) - Poor Reporting (5 reviews) - Learning Curve (4 reviews) - Poor Customer Support (4 reviews) - Inadequate Reporting (3 reviews) ### 14. [IBM Verify CIAM](https://www.g2.com/products/ibm-verify-ciam/reviews) A centralized solution for managing customer and workforce identity and access including capabilities such as single-sign-on, multifactor authentication, adaptive AI-based access, passwordless access, and lifecycle and consent management. IBM Verify is a single-stack cloud-based, on premises, or hybrid-cloud solution for all identity and access needs listed above. Other advantages it presents are a way to integrate with legacy access and CRM applications, reverse proxies to help increase performance, reliability, and security, and a way to migrate from on-premises to cloud, not only from an application standpoint, but also in unifying directories. IBM Verify is available on AWS Marketplace. If data residency is a top concern, when combined with AWS, the vendor states that IBM Verify has the broadest tenancy, and can be delivered using a rapid deployment model that has already been put to the test in several critical situations. IBM further states they continue to invest in achieving and maintaining all the pertinent certifications such as SOC 2, ISO 27001, and PCI DSS, plus full FedRAMP authorization. IBM Verify is not just a solution IBM provides to clients for identity and access, but it is used it to establish a zero-trust posture for over 25 million of the company's own internal and external end-users, supporting 5,000 applications, more than 600 federated client companies and their workforces, and over 150,000 authorization groups, plus Mac, iOS, Android, Windows, Linux, and Z (mainframe) operating systems, which they state includes one of the world’s largest Apple deployments, and one of the largest Linux deployments. **Average Rating:** 4.3/5.0 **Total Reviews:** 171 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.0/10) - **Mobile App:** 8.9/10 (Category avg: 7.5/10) - **APIs:** 6.9/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 7.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [IBM](https://www.g2.com/sellers/ibm) - **Company Website:** https://www.ibm.com/us-en - **Year Founded:** 1911 - **HQ Location:** Armonk, NY - **Twitter:** @IBM (709,023 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (324,553 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 53% Enterprise, 40% Mid-Market #### Pros & Cons **Pros:** - Security (61 reviews) - Ease of Use (48 reviews) - Authentication (38 reviews) - Features (29 reviews) - MFA Authentication (29 reviews) **Cons:** - Complex Setup (38 reviews) - Complexity (35 reviews) - Difficult Learning (33 reviews) - Difficult Setup (31 reviews) - Complex Administration (30 reviews) ### 15. [CoreView](https://www.g2.com/products/coreview/reviews) CoreView is the leading SaaS platform for Microsoft 365 Tenant Resilience. Trusted by enterprises worldwide, CoreView secures the configuration, identity, and access layers of Microsoft 365—hardening tenants against attack, reducing privilege and blast radius, detecting configuration tampering, and restoring security posture after incidents. By protecting Microsoft 365 & Entra at the tenant level, CoreView ensures organisations can prevent compromise, withstand intrusion, and recover with confidence from cyber threats and operational disruption. Use Cases: 1. Tenant Resilience for Microsoft 365 2. Complex Microsoft 365 tenant management 3. Enforce governance and lifecycle management for Microsoft 365 **Average Rating:** 4.6/5.0 **Total Reviews:** 116 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.3/10 (Category avg: 9.0/10) - **Mobile App:** 5.7/10 (Category avg: 7.5/10) - **APIs:** 7.9/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 7.9/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [CoreView](https://www.g2.com/sellers/coreview) - **Company Website:** https://www.coreview.com - **Year Founded:** 2014 - **HQ Location:** Washington, DC - **Twitter:** @CoreViewHQ (1,044 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/5200159/ (192 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Construction - **Company Size:** 51% Enterprise, 32% Mid-Market #### Pros & Cons **Pros:** - Automation (12 reviews) - Ease of Use (11 reviews) - Time-saving (7 reviews) - Productivity Improvement (6 reviews) - Centralized Management (5 reviews) **Cons:** - Steep Learning Curve (6 reviews) - Navigation Issues (5 reviews) - Limited Features (4 reviews) - Insufficient Training (3 reviews) - Slow Performance (3 reviews) ### 16. [Swif.ai](https://www.g2.com/products/swif-ai/reviews) Swif.ai is a next-generation Mobile Device Management (MDM) solution designed to assist organizations in managing and securing their mobile devices while ensuring compliance with various regulatory standards. This software is particularly beneficial for businesses looking to streamline their MDM processes and achieve compliance with frameworks such as SOC2, ISO, NIST, and GDPR in a fraction of the time typically required. With Swif.ai, companies can transition from zero to compliance readiness in just one hour, making it an efficient choice for organizations of all sizes. Targeted primarily at businesses with employee counts ranging from 5 to 50,000, Swif.ai caters to a diverse audience, including small startups, mid-sized companies, and large enterprises. The software addresses the unique challenges that organizations face in managing mobile devices, such as data security, device tracking, and regulatory compliance. By providing a comprehensive MDM solution, Swif.ai enables companies to focus on their core operations while ensuring that their mobile device management is handled effectively and securely. One of the standout features of Swif.ai is its inclusion of free Shadow IT management for all customers. This capability allows organizations to identify and manage unauthorized applications and devices that may pose security risks. By integrating Shadow IT management into the MDM framework, Swif.ai enhances overall security posture and helps organizations maintain compliance with regulatory requirements. This feature is particularly valuable in today’s environment, where the use of personal devices for work purposes is increasingly common. In addition to its robust compliance capabilities, Swif.ai offers a user-friendly interface that simplifies the management of mobile devices. The software provides tools for device enrollment, policy enforcement, and remote management, allowing IT teams to efficiently oversee their mobile fleets. The ability to quickly implement security policies and monitor device compliance ensures that organizations can respond promptly to potential threats and maintain a secure operating environment. Overall, Swif.ai distinguishes itself in the MDM software market by combining rapid compliance capabilities with comprehensive mobile device management features. Its focus on serving a wide range of organizations, from small businesses to large enterprises, along with its unique offerings like free Shadow IT management, positions it as a valuable solution for companies looking to enhance their mobile device security and compliance efforts. **Average Rating:** 5.0/5.0 **Total Reviews:** 61 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 10.0/10 (Category avg: 9.0/10) - **Mobile App:** 9.4/10 (Category avg: 7.5/10) - **APIs:** 9.6/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 9.7/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Swif](https://www.g2.com/sellers/swif) - **Company Website:** https://www.swif.ai - **Year Founded:** 2022 - **HQ Location:** Sunnyvale, US - **LinkedIn® Page:** https://www.linkedin.com/company/swifai (43 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Marketing and Advertising - **Company Size:** 87% Small-Business, 10% Mid-Market #### Pros & Cons **Pros:** - Device Management (22 reviews) - Security (21 reviews) - Automation (18 reviews) - Ease of Use (14 reviews) - Time-Saving (13 reviews) **Cons:** - Poor Reporting (9 reviews) - Insufficient Information (7 reviews) - Learning Curve (6 reviews) - Missing Features (6 reviews) - Poor UI (6 reviews) ### 17. [Oracle Identity Management](https://www.g2.com/products/oracle-identity-management/reviews) Oracle Identity Management is a comprehensive suite of identity and access management (IAM) solutions designed to help organizations manage the entire lifecycle of user identities and access privileges across enterprise resources, both on-premises and in the cloud. By automating user provisioning, enforcing security policies, and ensuring compliance with regulatory requirements, Oracle Identity Management enhances operational efficiency and strengthens security postures. Key Features and Functionality: - Identity Governance: Manages user provisioning and deprovisioning, enforces access policies, and provides actionable identity intelligence for rapid remediation of high-risk entitlements. - Access Management: Delivers risk-aware, end-to-end multifactor authentication (MFA) and single sign-on (SSO) capabilities, integrating identities and systems across cloud and on-premises environments. - Directory Services: Offers scalable and flexible directory solutions that support growth without unnecessary over-provisioning, facilitating seamless expansion without impacting existing services. - User Provisioning: Automates the creation and assignment of user accounts, reducing administrative overhead and minimizing human error. - Identity Analytics: Utilizes machine learning to detect and prevent suspicious identity activities, enhancing security through proactive monitoring. - Single Sign-On (SSO): Consolidates user credentials behind a single account with strong password policies, simplifying access to services and improving user experience. - Multifactor Authentication (MFA): Implements secondary authentication controls to verify user identities, reducing exposure from stolen credentials. - Risk-Based Authentication: Employs algorithms to assess the risk of user actions, blocking or reporting activities with high-risk scores. - Identity Governance and Administration (IGA): Controls entitlements to reduce risks associated with excessive access and privileges. Primary Value and Solutions Provided: Oracle Identity Management addresses critical security challenges by ensuring consistent user access rules and policies across an organization, thereby reducing the risk of data breaches and unauthorized access. By automating identity-related processes, it enhances operational efficiency, reduces administrative costs, and ensures compliance with regulatory standards. The suite's comprehensive approach to identity governance and access management enables organizations to securely manage user identities, enforce security policies, and respond swiftly to evolving security threats, ultimately safeguarding sensitive data and maintaining trust in business operations. **Average Rating:** 3.8/5.0 **Total Reviews:** 52 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 7.0/10 (Category avg: 9.0/10) - **Mobile App:** 7.1/10 (Category avg: 7.5/10) - **APIs:** 7.0/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 7.7/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Oracle](https://www.g2.com/sellers/oracle) - **Year Founded:** 1977 - **HQ Location:** Austin, TX - **Twitter:** @Oracle (827,310 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1028/ (199,301 employees on LinkedIn®) - **Ownership:** NYSE:ORCL **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Telecommunications - **Company Size:** 65% Enterprise, 21% Mid-Market #### Pros & Cons **Pros:** - Access Control (1 reviews) - Access Management (1 reviews) - Customer Support (1 reviews) - Customization (1 reviews) - Device Management (1 reviews) **Cons:** - Error Handling (1 reviews) - Performance Issues (1 reviews) - Poor Interface Design (1 reviews) - Poor UI (1 reviews) - Technical Errors (1 reviews) ### 18. [Hire2Retire](https://www.g2.com/products/hire2retire/reviews) RoboMQ’s Hire2Retire is a comprehensive workforce lifecycle management solution that manages the entire JML lifecycle events, such as hiring, department transfers, terminations, and long-term leaves. It is an Identity and Access Management platform that synchronizes HR with IT infrastructure, including Active Directory(AD), Okta, and Google Workspace. Hire2Retire enables organisations to effectively manage employee access and privileges throughout their work cycle. 
 Hire2Retire integrates with 27 HR and ATS systems, identity providers (IdP) like Active Directory, Entra ID, Okta, and Google Workspace, along with 10+ leading Service Management platforms like ServiceNow, Salesforce, SolarWinds, and FreshService. Hire2Retire has 100’s of connectors to auto-provision access to third-party applications based on profile-driven employee privileges. Hire2Retire benefits mid to large fast-growing enterprises that face challenges in manual workforce lifecycle management. Traditional onboarding and offboarding processes can be tedious, slow, and error-prone, leading to security and compliance risks. It can also lead to poor employee experience and wasted costs and resources. Hire2Retire, by enabling onboarding and offboarding automation, ensures businesses spend less time in workforce lifecycle management and more time in strategic initiatives. Customers prefer the Hire2Retire workforce lifecycle management and identity provisioning solution from RoboMQ for: - Significant reduction in cost through elimination of tedious and repetitive tasks of costly sysadmin resources - Better new hire experience by providing a superior “First Day at Work” experience. It ensures that employee email, AD profile, and role-based access to systems and tools are in place when the new hire walks in - Manages and controls access and privileges to systems and data based on employee roles - Prevents security and reputation risks by ensuring timely removal of access on termination and change of roles **Average Rating:** 4.6/5.0 **Total Reviews:** 70 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.4/10 (Category avg: 9.0/10) - **Mobile App:** 6.0/10 (Category avg: 7.5/10) - **APIs:** 8.0/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.3/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [RoboMQ](https://www.g2.com/sellers/robomq) - **Company Website:** https://www.robomq.io/ - **Year Founded:** 2012 - **HQ Location:** Vienna, VA - **Twitter:** @robomq (268 Twitter followers) - **LinkedIn® Page:** https://in.linkedin.com/company/robomq-io (94 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Non-Profit Organization Management, Manufacturing - **Company Size:** 78% Mid-Market, 16% Enterprise #### Pros & Cons **Pros:** - Customer Support (15 reviews) - Ease of Use (13 reviews) - Easy Integrations (10 reviews) - Implementation Ease (10 reviews) - Automation (9 reviews) **Cons:** - Implementation Difficulty (6 reviews) - Difficult Setup (3 reviews) - Error Handling (3 reviews) - Steep Learning Curve (3 reviews) - Integration Issues (2 reviews) ### 19. [ActivID Authentication and Credential Management](https://www.g2.com/products/activid-authentication/reviews) HID Identity Assurance portfolio delivers a full range of authentication and credentialing options that help you gain confidence in your users’ identities and effectively protect access to all your physical resources, internal networks, systems and services, and public and private cloud-based applications. **Average Rating:** 4.6/5.0 **Total Reviews:** 10 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.2/10 (Category avg: 9.0/10) - **Mobile App:** 9.3/10 (Category avg: 7.5/10) - **APIs:** 9.2/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 9.4/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [HID Global](https://www.g2.com/sellers/hid-global) - **Year Founded:** 1991 - **HQ Location:** Austin, TX - **Twitter:** @HIDGlobal (12,029 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/22877/ (3,918 employees on LinkedIn®) - **Phone:** (800) 237-7769 **Reviewer Demographics:** - **Company Size:** 50% Mid-Market, 30% Enterprise #### Pros & Cons **Pros:** - Security (1 reviews) **Cons:** - Admin Management Issues (1 reviews) - Difficult Setup (1 reviews) - Lack of Control (1 reviews) ### 20. [Lumos](https://www.g2.com/products/lumos/reviews) Lumos is the first Autonomous Identity platform to automatically discover and manage access across all your apps. Instead of being overwhelmed by the sprawl of apps and access, Lumos empowers organizations with one unified solution that controls access on auto-pilot. With Lumos, gain full visibility, enhance security, and boost productivity — all in one platform. Trusted by hundreds of companies, Lumos powers millions of access requests across global companies. **Average Rating:** 4.7/5.0 **Total Reviews:** 68 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.7/10 (Category avg: 9.0/10) - **Mobile App:** 6.9/10 (Category avg: 7.5/10) - **APIs:** 8.7/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.8/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Lumos](https://www.g2.com/sellers/lumos) - **Company Website:** https://lumos.com - **Year Founded:** 2020 - **HQ Location:** Silicon Valley, California - **Twitter:** @lumosidentity (258 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/lumosidentity/ (164 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** IT Manager - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 74% Mid-Market, 16% Enterprise #### Pros & Cons **Pros:** - Ease of Use (11 reviews) - Time-saving (10 reviews) - Automation (9 reviews) - Application Integration (7 reviews) - Customer Support (7 reviews) **Cons:** - Integration Issues (7 reviews) - Limited Integrations (6 reviews) - Integration Difficulty (5 reviews) - Complex Setup (3 reviews) - Lack of Features (3 reviews) ### 21. [ManageEngine ADManager Plus](https://www.g2.com/products/manageengine-admanager-plus/reviews) ADManager Plus is an identity governance and administration (IGA) solution that simplifies identity management, ensures security, and improves compliance. With ADManager Plus, manage the user life cycle from provisioning to deprovisioning, run access certification campaigns, orchestrate identity management across enterprise applications, and protect data on your enterprise platforms with regular backups. The solution provides comprehensive identity risk assessment and proactive management of your organization's risk exposure by highlighting potential security vulnerabilities and visualizing attack paths to privileged entities. This enables IT teams to prioritize remediation efforts and strengthen their security posture before threats can be exploited. Use over 200 reports to gain valuable insights into identities and their access rights, and leverage customizable dashboards and scheduled report generation for continuous monitoring. The platform supports compliance frameworks including the GDPR and HIPAA through automated audit trails and detailed access reviews. Improve the efficiency of your IGA operations with workflows, automations, and role-based access control policies. Built-in templates streamline common tasks while multi-stage approval workflows ensure proper oversight of critical changes. ADManager Plus' Android and iOS applications help with on-the-go AD and Microsoft Entra ID management, enabling administrators to respond quickly to urgent requests. **Average Rating:** 4.5/5.0 **Total Reviews:** 78 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.0/10) - **Mobile App:** 7.6/10 (Category avg: 7.5/10) - **APIs:** 8.3/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.8/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Zoho](https://www.g2.com/sellers/zoho-b00ca9d5-bca8-41b5-a8ad-275480841704) - **Year Founded:** 1996 - **HQ Location:** Austin, TX - **Twitter:** @Zoho (137,251 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/38373/ (30,531 employees on LinkedIn®) - **Phone:** +1 (888) 900-9646 **Reviewer Demographics:** - **Top Industries:** Government Administration, Information Technology and Services - **Company Size:** 56% Mid-Market, 37% Enterprise #### Pros & Cons **Pros:** - Automation (1 reviews) - Ease of Use (1 reviews) - Efficiency (1 reviews) - Efficiency Optimization (1 reviews) - Functionality (1 reviews) **Cons:** - Complex Interface (1 reviews) - Complexity (1 reviews) - Complex Reporting (1 reviews) - Complex Usability (1 reviews) - Learning Curve (1 reviews) ### 22. [NIM](https://www.g2.com/products/nim/reviews) NIM effortlessly streamlines user provisioning and lifecycle management, blending power with simplicity. Designed for ease of use and rapid implementation, NIM seamlessly manages any volume of users or systems for both commercial organizations and educational institutions. NIM's advanced data aggregation combines information from multiple sources, streamlining provisioning, rostering, and exports. This integration guarantees data is accurate and ready. The simplicity of NIM extends to role modeling, where you can create and analyze roles across systems with the Role Mining tool. NIM simplifies audits with real-time impact analysis, making comprehensive report generation easy and efficient. NIM's flexible, open design and customizable Apps simplify tailoring solutions to your needs, streamlining user provisioning. Its automated processes minimize manual work, enhancing accuracy and efficiency. NIM simplifies complex tasks, ensuring organizations achieve high efficiency with ease. **Average Rating:** 5.0/5.0 **Total Reviews:** 16 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.8/10 (Category avg: 9.0/10) - **APIs:** 8.3/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 9.1/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Tools4ever](https://www.g2.com/sellers/tools4ever) - **Year Founded:** 1999 - **HQ Location:** Lynbrook, New York - **Twitter:** @Tools4ever (330 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/124368/ (65 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Primary/Secondary Education, Education Management - **Company Size:** 56% Mid-Market, 44% Enterprise #### Pros & Cons **Pros:** - Ease of Use (6 reviews) - Customer Support (5 reviews) - Automation (4 reviews) - Easy Setup (4 reviews) - Integrations (3 reviews) **Cons:** - Learning Curve (4 reviews) - Steep Learning Curve (4 reviews) - Complex Setup (3 reviews) - Difficult Learning (3 reviews) - Poor Reporting (2 reviews) ### 23. [Josys](https://www.g2.com/products/josys/reviews) Josys is the Automated Identity Governance Platform that discovers, governs, and secures every identity and application, turning complex identity management into a streamlined, audit-ready engine. Built for IT and MSP leaders securing a fragmented identity perimeter, Josys eliminates visibility gaps through unified discovery by mapping every user to their specific permissions and enforcing granular access policies at scale. From zero-touch onboarding to automated access reviews, Josys replaces manual spreadsheet tracking with seamless, autonomous processes. By orchestrating the entire identity lifecycle and deploying intelligent workflows to proactively surface risks like MFA gaps or over-privileged accounts, Josys moves IT from reactive remediation to proactive enforcement. This comprehensive approach ensures a continuous zero-trust security posture and maximum operational efficiency. **Average Rating:** 4.4/5.0 **Total Reviews:** 113 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.1/10 (Category avg: 9.0/10) - **Mobile App:** 3.5/10 (Category avg: 7.5/10) - **APIs:** 7.7/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.1/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Josys Inc.](https://www.g2.com/sellers/josys-inc) - **Company Website:** https://www.josys.com - **Year Founded:** 2021 - **HQ Location:** Tokyo, JP - **LinkedIn® Page:** https://www.linkedin.com/company/josys-inc (192 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Manager - **Top Industries:** Computer Software, Information Services - **Company Size:** 70% Mid-Market, 26% Small-Business #### Pros & Cons **Pros:** - Ease of Use (33 reviews) - Easy Management (23 reviews) - Centralization (19 reviews) - Device Management (19 reviews) - Management (19 reviews) **Cons:** - Missing Features (23 reviews) - Insufficient Information (14 reviews) - Integration Issues (13 reviews) - Limited Features (11 reviews) - Limited Integrations (10 reviews) ### 24. [Orchestry](https://www.g2.com/products/orchestry/reviews) Orchestry is a Microsoft 365 management and automation platform that accelerates cost savings, storage reduction, sprawl prevention and risk remediation. Our platform is purpose-built with an emphasis on user experience and actionability so you can implement and start making an impact in days, not weeks. Orchestry streamlines workspace provisioning and lifecycle management, automates manual governance tasks, identifies and prioritizes potential risks, and consolidates data into centralized reports and dashboards. It goes beyond native capabilities so you can get control of your tenant, prevent future issues, scale with confidence, and get ready for AI fast. **Average Rating:** 4.8/5.0 **Total Reviews:** 98 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 9.9/10 (Category avg: 9.0/10) - **Mobile App:** 7.6/10 (Category avg: 7.5/10) - **APIs:** 8.7/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 9.3/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [Orchestry Software Inc.](https://www.g2.com/sellers/orchestry-software-inc) - **Company Website:** https://www.orchestry.com/ - **Year Founded:** 2020 - **HQ Location:** Vancouver, British Columbia - **Twitter:** @OrchestrySoft (461 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/orchestry (41 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Senior Consultant - **Top Industries:** Information Technology and Services, Consulting - **Company Size:** 45% Small-Business, 43% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (20 reviews) - Time-saving (9 reviews) - User Interface (8 reviews) - Workflow Management (8 reviews) - Solutions (7 reviews) **Cons:** - Steep Learning Curve (7 reviews) - Learning Curve (5 reviews) - User Difficulty (5 reviews) - Difficult Setup (4 reviews) - Poor UI (4 reviews) ### 25. [CrossIdeas](https://www.g2.com/products/crossideas/reviews) CrossIdeas provides Identity & Access Governance Solutions to harmoniously manage people, applications and entitlements. **Average Rating:** 4.3/5.0 **Total Reviews:** 11 **User Satisfaction Scores:** - **Has the product been a good partner in doing business?:** 8.3/10 (Category avg: 9.0/10) - **Mobile App:** 8.0/10 (Category avg: 7.5/10) - **APIs:** 8.5/10 (Category avg: 8.5/10) - **Bi-directional Identity Synchronization:** 8.5/10 (Category avg: 8.6/10) **Seller Details:** - **Seller:** [IBM](https://www.g2.com/sellers/ibm) - **Year Founded:** 1911 - **HQ Location:** Armonk, NY - **Twitter:** @IBM (709,023 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/1009/ (324,553 employees on LinkedIn®) - **Ownership:** SWX:IBM **Reviewer Demographics:** - **Company Size:** 45% Small-Business, 36% Mid-Market ## Parent Category [Identity Management Software](https://www.g2.com/categories/identity-management) ## Related Categories - [Single Sign-On (SSO) Solutions](https://www.g2.com/categories/single-sign-on-sso) - [Identity and Access Management (IAM) Software](https://www.g2.com/categories/identity-and-access-management-iam) - [Multi-Factor Authentication (MFA) Software](https://www.g2.com/categories/multi-factor-authentication-mfa) --- ## Buyer Guide ### What You Should Know About User Provisioning and Governance Tools ### What are user provisioning and governance tools and software? User provisioning and governance tools help companies automate the process of creating, permissioning, managing, and deactivating user accounts on corporate systems and applications across the enterprise. Typical use cases include user lifecycle stages such as setting up accounts for newly hired employees during onboarding and providing them access to the tools they need, changing user groups and permissions when employees are promoted or move within departments, and removing user accounts after an employee leaves the company. User provisioning and governance tools software automate user account creation by connecting information in user identity stores such as HR systems and/or user directories like Active Directory or G Suite to enterprise applications to systems that employees use such as email systems, databases, CRM systems, communication systems, employee productivity software, file storage systems, ERP applications, subscriptions, custom company applications, and more. There is considerable overlap between user provisioning and governance tools and [identity and access management (IAM) software](https://www.g2.com/categories/identity-and-access-management-iam) functionality, as both offer user provisioning and govern user access. User provisioning and governance solutions focus more specifically on user lifecycle and group management. At the same time, IAM software includes additional benefits, such as centralized identity functions for both on-premises and cloud accounts and providing user authentication before granting user access to corporate systems. ### **Key benefits of user provisioning and governance software solutions** - Automate user account lifecycle from provisioning during onboarding through de-provisioning after leaving the company - Grant access to applications and systems based on user type through role or group management functions - Reduce the time helpdesk team members need to spend manually creating users - Improve end-user experience by offering self-service tools and integrations with [single sign-on solutions](https://www.g2.com/categories/single-sign-on-sso) and [password management tools](https://www.g2.com/categories/password-managers) ### Why use user provisioning and governance systems? Using automated tools to manage user lifecycles, companies can eliminate manual user provisioning and de-provisioning tasks, which can ultimately reduce the burden on IT help desk teams and free up staff time for more high-level work. Deploying user provisioning and governance solutions reduces human error when creating accounts while reducing the threat of “permission creep" when accounts are not properly changed after promotions, demotions, or terminations. Using this software enables companies to manage large numbers of users at once by applying role or group policies across users in a standard fashion. **Setting up new hires —** Companies use user provisioning and governance tools to ensure new hires receive access to the accounts they need as quickly as possible during onboarding. If IT staff manually created user accounts, the process could take days, weeks, or even months and be prone to human error. **Removing access for terminated employees—** It is important to remove access for terminated employees as quickly as possible to prevent security risks, either from the terminated employees themselves or from hackers accessing abandoned user accounts. Using user provisioning and governance tools, companies can automatically de-provision user accounts when an employee is removed from an HR system or other identity store. **Enforcing role or group-based policies —** When managing hundreds (if not thousands) of user accounts, taking actions, such as providing access to new applications based on the users’ role or group types, can save a lot of time and get these users up and running quickly. For example, suppose all sales representatives should have access to a particular sales-related application. In that case, those user accounts can automatically be provisioned with access if they belong to the sales group. On the other hand, employees in the legal department may not need access to that sales application, so they would not be provisioned with an account for that specific sales software. **Security — ** Insider threats can occur when user accounts are given too much access for their job type, and employees use the information they shouldn’t have access to. For example, an intern-employee likely shouldn’t be given the same access to the company’s accounts, like an accounting system, as the chief operating officer has. Using role- and group-based policies, IT administrators can easily remove permissions no longer needed by a type or group of employees and prevent permission creep. **Reducing costs—** Labor ** ** is typically one of the highest expenses companies have. Using user provisioning and governance tools frees up time for IT help desk team members to do other higher-value work. Many user provisioning and governance tools solutions allow end-user self-service to make changes like name changes directly. ### Who uses user provisioning and governance software tools? Most companies would benefit from using identity governance software solutions to manage employee user account provisioning, management, and de-provisioning. In particular, companies with many employees and user accounts to manage, such as enterprise-level companies, would benefit from using identity governance platforms, as manual account creation is difficult, laborious, and prone to error. IT administrators and help desk teams typically manage user provisioning and governance tools within a company’s corporate structure. With automated lifecycle management, however, multiple stakeholders across the enterprise can work in tandem to ensure users are set up correctly and have the proper access. For example, HR representatives can change new hires or people who have left the company in the HR system. This information can be pulled by the user provisioning and governance tools system to automatically take actions on a user’s associated accounts. End users can use self-service tools to make changes to their user profile, like name or title changes. ### Features of user provisioning and governance tools At their core, user provisioning/governance software must, at minimum, provide tools to automatically provision and de-provision user accounts based on user identities and grant permissions based on governance rules for users to access specific enterprise applications. Many user provisioning/governance software offers additional features to further automate user account lifecycles and provide a better end-user experience. These features may include: **Automatic user provisioning and de-provisioning —** User provisioning/governance software pulls data from identity stores like [HR systems](https://www.g2.com/categories/core-hr) to provision new accounts. Specific access to accounts can be automated based on roles or group membership. When an employee leaves or is terminated or when a contractor’s contract date expires, the software can automatically terminate accounts to prevent abandoned accounts from living on in systems. **Lifecycle management —** The software takes user account actions throughout employee lifecycle changes from onboarding and promotions to termination. **Integrations —** A main tenet of user provisioning/governance software is integrating with other software applications such as HR systems, user directories, [ERP applications](https://www.g2.com/categories/erp-systems), [email systems](https://www.g2.com/categories/email), [databases](https://www.g2.com/categories/database-software), [CRM systems](https://www.g2.com/categories/crm), communication systems, employee productivity software, and [file storage systems](https://www.g2.com/categories/cloud-file-storage). **Identity synchronization —** User provisioning/governance software can synchronize identity information changes across multiple applications. For example, if a user changes their personal information, such as a phone number or title, in one system, those changes are pushed to their other applications in corporate systems. **Access governance, role/group management, and policy enforcement —** Governing who has access to what applications or systems is determined by a user’s role and group membership. Using role-based or group membership factors to determine what access a user should be granted ensures that access to a company application is granted uniformly and adheres to company policies. **Delegated access authorization—** When business managers need to give their subordinates access to company accounts or change their permissions, they can approve access using delegation workflows. **Access verification workflow —** User provisioning/governance software can regularly query managers to confirm their subordinates' access and whether changes need to be made. **Reports and audits—** User provisioning/governance software can conduct audits and provide reports on account usage, including account creation and deactivation. This may be a necessary feature for companies in highly regulated industries that need to periodically audit users. **User self-service and improved user experience —** Providing users with self-service functionality, such as allowing employees to change their names and titles directly in the system or being able to request access to specific applications for manager approval, can further remove manual processes off IT helpdesk staff and improve employee productivity. **Password management and single sign-on—** Many user provisioning and governance tools offer additional end-user benefits, such as password management and single sign-on functionality. Other Features of User Provisioning and Governance Tools: [Bi-directional identity synchronization](https://www.g2.com/categories/user-provisioning-and-governance-tools/f/bi-directional-identity-synchronization), [Identifies and alerts for threats](https://www.g2.com/categories/user-provisioning-and-governance-tools/f/identifies-and-alerts-for-threats), [Mobile app](https://www.g2.com/categories/user-provisioning-and-governance-tools/f/mobile-app) ### Emerging trends in user provisioning and governance Historically speaking, Microsoft’s product, Active Directory (AD), has been one of the most widely used directory services since its introduction in 1999. Because of AD’s large market share, it is worth mentioning that many other user provisioning and governance tools vendors generally offer both identity and user governance tools that integrate with AD or, conversely, offer entirely separate solutions that utilize their own directory service. Active Directory manages IT resources, stores information about users, groups, applications, and networks, and provides access to computers, applications, and servers. AD was initially designed for on-premises use cases. Still, given the shift to cloud computing and storage in the digital transformation, Microsoft introduced Azure AD, which extends an on-premises instance of AD to the cloud and synchronizes identities with cloud-based applications. Other user provisioning and governance tools offer cloud solutions tying into on-site AD instances. Many providers provide cloud-native solutions and robust [identity and access management (IAM)](https://www.g2.com/categories/identity-and-access-management-iam) tools. ### Software and services related to user provisioning and governance solutions User provisioning and governance tools are part of a complete identity management solution. Many user provisioning and governance tools providers natively have or integrate with other providers to offer: [**Single sign-on (SSO) software**](https://www.g2.com/categories/single-sign-on-sso) **—** Single sign-on (SSO) software allows users to access multiple corporate applications with one set of credentials. This gives users more access to their applications without logging in multiple times. Single sign-on (SSO) is achieved through federation by linking IT systems, applications, and identities to create a seamless user experience. [**Password manager software**](https://www.g2.com/categories/password-manager) **—** Password manager software helps end users manage their passwords by allowing them to create one master password to access the passwords associated with their accounts. This is different from single sign-on, which federates the identity to other applications, while password manager software merely provides a secure storage vault to house user passwords. [**Identity and access management (IAM) software**](https://www.g2.com/categories/identity-and-access-management-iam) **—** User provisioning and governance tools are a part of identity and access management (IAM) functionality, which allows IT administrators to quickly provision, de-provision, and change user identities. IAM software also authenticates users to ensure they are who they say they are before providing access to corporate assets. IAM software is a modern solution, especially for companies utilizing numerous cloud-based applications. [**Customer identity and access management (CIAM) software**](https://www.g2.com/categories/customer-identity-and-access-management-ciam) **—** Customer identity and access management (CIAM) software manages a company’s customer identities and accounts. CIAM is different from identity and access management (IAM) software. IAM is used for internal corporate use—such as managing the identities of internal employees or contractors—while CIAM is for customer-focused identity management. [**Privileged access management (PAM) software**](https://www.g2.com/categories/privileged-access-management-pam) **—** Privileged access management (PAM) software is a tool used to protect a company’s privileged account credentials. It is generally used by IT administrators and other super users with high-level access to applications, not everyday users. [**Multi-factor authentication (MFA) software**](https://www.g2.com/categories/multi-factor-authentication-mfa) **—** Before granting a user access to company assets, it is essential to authenticate that they are indeed who they say they are. This can be achieved using multi-factor authentication (MFA) software solutions such as SMS codes, mobile push, biometric verification, or email one-time-pass (OTP) pushes. For example, if an employee loses their laptop, the laptop and the accounts the employee has access to are generally rendered useless to someone else unless that person could spoof the employee’s other authentication factors.