Top 17 Identity and Access Management platforms
Last updated: July 23, 2021
Identity Management, Single Sign-On and 2-factor authentication solutions allow to simplify and secure access to cloud, mobile and on-premises applications to employees and customers while increasing IT control and visibility.
Support enterprise-wide identity management across any app, user or device with Okta - a future-proof cloud service designed for maximum ROI & ease of use. A secure, reliable cloud service for today’s hybrid IT reality. Comprehensive Identity Management that has no alternatives. Across All Apps, Users and Devices. Easy-to-use, Superior ROI. Integrated, Future Proof
Delivered as a cloud service with no hardware or software to deploy, IdentityNow provides fully-integrated IAM for compliance, provisioning and access management. IdentityNow meets the most stringent IAM-as-a-service (IDaaS) requirements and provides enterprise-grade services that meet security, scalability, performance, and availability demands.
Your universal platform to manage and secure identities
OneLogin provides the fastest path to identity management in the cloud with an on-demand solution consisting of single sign-on, multi-factor authentication, directory integration, user provisioning and a catalog with thousands of pre-integrated applications.
Auth0 is the first identity management platform for application builders, and the only identity solution needed for custom-built applications.
Ping Identity offers secure single sign-on for your employees from any device and gives IT one dashboard to manage user access for all applications. Provisioning is available for popular apps such as Salesforce.com, Dropbox, Concur, WebEx, Box, Office 365 and more.
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily.
Learn why businesses and governments trust ForgeRock identity and access management solutions for everything from CIAM to IoT. Protect, connect, and manage the digital identities of people, devices, and the internet of things (IoT). We help large organizations secure the identity of anything, build trusted, personalized relationships with their customers, and provide a seamless omnichannel experience.
Keycloak is an open source identity and access management solution for modern Applications and Services. Add authentication to applications and secure services with minimum fuss.
CyberArk is the only security software company focused on eliminating cyber threats using insider privileges to attack the heart of the enterprise.
on Live Enterprise
Quest One Identity is a cloud-based access and identity management solution that simplifies complex and repetitive tasks — so you can focus on driving your business forward.
Two-factor authentication done right. Duo Security lets your users use their mobile phones to secure their logins, protecting your company from account takeover. Duo’s solution is cloud-based, which means there's no software to install, and no server to set up. Our patented technology and drop-in integrations enable you to seamlessly integrate Duo into your existing application login workflow. Owned by Cisco.
Cloud Directory Platform. Securely manage identities, access, and Windows, macOS, & Linux devices from anywhere, using a single platform, with unified user identities across IT resources.
Identity tools from Google help you quickly build an auth system that will grow with your business and reduce the friction of getting users into your app.
Centrify provides Unified Identity Services across data center, cloud and mobile - resulting in one single login for users and one unified identity infrastructure. Centrify SaaS Edition integrates SSO for SaaS apps with user-centric mobile security management. Centrify goes beyond browser SSO to also give users unique mobile "zero sign on" to Office 365. Centrify Server Suite protects servers from identity-related insider risks and outsider attacks.
SecureAuth provides a single platform to enable access from any glass to any app, serving over 500 customers worldwide.
One login for all your web, mobile and on-premises apps. That makes it easier for IT. And users. Improve usability and security with standards-based single sign-on to all your enterprise apps. Provide single sign-on, authorization and mobile specific policies for standard Salesforce apps, or custom apps built with Mobile Services. Instant internal and external collaboration with social feeds built into Identity services.
Latest news about Identity and Access Management platforms
2021. Microsoft acquires access management startup CloudKnox
Microsoft has acquired identity and access management (IAM) startup CloudKnox Security. CloudKnox helps organizations enforce least-privilege principles to reduce risk and help prevent security breaches. The company’s activity-based authorization service will equip Azure Active Directory customers with granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions. In addition to Azure Active Directory, the company also plans to integrate CloudKnox with its other cloud security services, including 365 Defender, Azure Defender and Azure Sentinel. Microsoft also recently acquired IoT security startups CyberX and Refirm Labs as it moved to beef up its security portfolio.
2021. Australian ID verification startup OCR Labs raises $15M
With the gig economy came the need for ID verification, thus startups like OnFido (raised $188.8 million) appeared, alongside several others. But this sector is by no means ‘done’ yet. Now, OCR Labs, which emerged from Australia, has announced a €12.5M. OCR Labs says its technology uses “five proprietary technologies in one solution, including identity document optical character recognition (OCR), document fraud assessment, liveness detection, video fraud assessment, and face matching”. This supports AML and KYC regulations. No one wants to spend hours trying to prove who they are, whether it’s for a job or for a bank account, and we also want to know we’re protected against identity theft and fraud. Digital ID verification has a key role to play, but this year we’ve also seen the limitations if hybrid models are used. People are a barrier and a risk, but fully automated technology can have a huge impact on many industries and privacy. OCR Labs is built to be secure, frictionless and fast, and capable of recognizing ID documents the world over.
2021. Aserto raises $5.1M to build authorization as a service
Aserto, a new startup that wants to build an authorization-as-a-service solution, announced a $5.1 million seed round. What the company is doing is creating a sophisticated service that does much of the work for developers, giving them fine-grained control over roles access control based on policies using what they call a “policy-as-code approach to authoring, editing, storing, versioning, building, deploying and managing authorization rules.” The solution is built using the CNCF Open Policy Agent (OPA) project.
2021. Jumio raises $150M for its all-in-one ID authentication platform
Jumio, which has built a platform that provides a variety of digital identity tools and technology — using biometrics, machine learning, computer vision, big data and more to run checks on ID documents, log-ins, to help prevent suspicious financial activity, identity theft and more — has closed a $150 million round of funding. Currently, Jumio’s primary business is B2B: It provides tools to enterprise customers like HSBC to manage digital identity verification. Some of the areas where it will be investing include expanding its AI capabilities to do more anti-money laundering work, and to look at building a B2C product, using the data, tools and network of customers that it has to help individuals better manage their identities online.
2021. Okta acquires cloud identity startup Auth0 for $6.5B
Okta is buying cloud identity startup Auth0 for $6.5 billion. It’s a substantial amount of money for one identity and access management (IAM) company to pay to buy another, similar entity. But the deal ultimately brings together two companies that come at identity from different sides of the market — and as such could be the beginning of a beautiful identity friendship. On a simple level, Okta delivers identity and access management (IAM) to companies who use the service to provide single-sign-on access for employees to a variety of cloud services — think Gmail, Salesforce, Slack and Workday. Meanwhile, Auth0 is a developer tool providing coders with easy API access to single-sign-on functionality. With just a couple of lines of code, the developer can deliver IAM tooling without having to build it themselves. Auth0 will operate as an independent unit inside of Okta as they look for paths to integration in the coming months.
2021. BeyondID grabs $9M to help clients implement cloud identity
BeyondID, a cloud identity consulting firm, has raised a $9M Series A. The company focuses on helping clients manage security and identity in the cloud, taking aim specifically at Okta customers. In fact, the firm is a platinum partner for Okta. As they describe their goals, they help clients in a variety of areas, including identity and access management, secure app modernization, Zero Trust security, cloud migration and integration services.
2020. Cloud directory service JumpCloud raises $75M
JumpCloud, the cloud directory service, has raised a $75 million Series E. Changes in the way that IT works have been evolving since the company launched in 2013. Back then, most companies used Microsoft Active Directory in a Windows-centric environment. Since then, things have gotten more heterogeneous with multiple operating systems, web applications, the cloud and mobile, and that has required a different way of thinking about directory structures. JumpCloud provides independent cloud directory platform that would connect people to really whatever it is they need and do that in a secure way while giving IT complete control over that access.
2020. Okta adds new no-code workflows that use identity to trigger sales and marketing tasks
Identity management provider Okta announced new no-code workflows that provide a way to use identity as a trigger to launch a customer-centric workflow. The company has created a series of connectors to make it easier to connect identity to a workflow that includes sales and marketing tooling. Last year Okta introduced Platform Services, which pulled apart the various pieces of the platform and exposed them as individual services, which bigger-company customers could tap into as needed. He says that this is an extension of that idea, but instead of having to get engineering talent to write complex code to tie the Okta service into say Salesforce, you can simply drag the Salesforce connector to your workflow.
2020. Google finally fixed the worst thing about its Authenticator app
If you want to protect your data from hackers, you should definitely use two-factor authentication, and Google Authenticator is a simple, logical choice. And now, it finally got a feature that makes it easy to move its data from one phone to another. Google Authenticator is a mobile app to provides a secondary, ever-changing code you must use, along with your password, to get into your online accounts such as Facebook, Gmail and Twitter. Now, Google has updated the Authenticator with the ability to transfer all of its data to a new phone. The process is simple and it boils down to choosing an account and scanning a QR code on your old phone.
2020. ForgeRock nabs $93.5M for its ID management platform
ForgeRock, which has built a platform that is used to help make sure that those accessing services really are who they say are, and help organizations account for how their services are getting used, has raised $93.5 million in funding. It operates in an industry heavy with competition, with some of the others vying for pole position in the various aspects of identity management including Okta, LastPass, Duo Serurity and Ping Identity. But within that list it has amassed some impressive traction. In total it has 1,100 enterprise customers, who in turn collectively manage 2 billion identities through ForgeRock’s platform, with considerably more devices also authenticated and managed on top of that.
2020. Okta launches Lifecycle Management Workflows to make building identity-centric processes easy
Okta, the popular identity and access management service, has launched Lifecycle Management Workflows, a new tool that helps IT teams build and manage IFTTT-like automated processes with the help of an easy to use graphical interface. The new service is an extension of Okta’s existing automation tools. But the key here is that IT teams and developers can now easily build complex identity-centric workflows across a wide range of applications. With this, these teams can easily automate an onboarding process, where setting up a new Okta account also immediately kicks off processes on third-party services like Box, Salesforce, ServiceNow and Slack to set up accounts there.
2019. Identity management software Okta introduced end-user-security product
Okta developed a couple of new products under the umbrella SecurityInsights. The end user product is called UserInsights. The other new product, called HealthInsights, is designed for administrators and makes suggestions on how to improve the overall identity posture of a company. UserInsights lets users know when there is suspicious activity associated with their accounts, such as a login from an unrecognized device. If it appears to involve a stolen password, he or she would click the Report button to report the incident to the company’s security apparatus where it would trigger an automated workflow to start an investigation. The person should also obviously change that compromised password. HealthInsights operates in a similar fashion, except for administrators at the system level.
2019. Okta brought identity management to server level
Okta announced a new level of identity protection at the server level. The new tool, called Advanced Server Access, provides identity management for Windows and Linux Servers, whether they are in a data center or the cloud. The product supports major cloud infrastructure vendors like Amazon Web Services, Microsoft Azure and Google Cloud Platform, and gives IT the ability to protect access to servers, reduce the likelihood of identity theft and bring a level of automation to the server credential process. The tool is continuously monitoring user information to make sure nothing has changed such as another machine has taken over, avoiding man-in-the-middle attacks. It’s also making sure that there is no virus or malware, and that the person who is using the machine is who they say they are and has access at the level they are using it.
2019. Okta acquired workflow automation startup Azuqua
Okta is to acquire workflow automation startup Azuqua for $52.5 million. In a modern enterprise, people and work are constantly shifting and moving between applications and services and combining automation software with identity and access management could offer a seamless way to move between them. The combining of the two companies is intended to move smoothly between applications in a complex workflow without having to constantly present your credentials. S0 product teams will be able to embed this technology in their own applications alongside Okta’s core authentication and user management technology to build integrated customer experiences.
2018. Cisco is buying 2-factor authentication provider Duo Security
Cisco is to buy security firm Duo Security for $2.35 billion. The acquisition feels like a good fit for Cisco. Duo’s security apparatus lets employees use their own device for adaptive authentication. Instead of issuing key fobs with security codes, Duo’s solution works securely with any device. And within Cisco’s environment, the technology should feel like a natural fit for CTOs looking for secure two-factor authentication. Over the last few years, Cisco has made several key acquisitions: OpenDNS, Sourcefire, Cloudlock, and now Duo.
2018. Okta introduced new service - Sign in with Okta
Okta unveiled a new service "Sign in with Okta" that allows employees to sign into third party sites and apps just like they sign in their company applications with a single set of credentials. The new API allows developers to add a few lines code and give Okta customers the ability to sign into one another’s websites in a similar way that OAuth allows you to use your Google or Facebook credentials to sign onto consumer sites. When developers add this functionality, the user sees a “Sign in with Okta” button on the website or service they are accessing. They can then use their Okta login to get into these sites under whatever rules the site owner has defined.
2018. Okta partnered with ServiceNow
Okta and ServiceNow got together to build an app that helps ServiceNow customers using their security operations tools find security issues related to identity and take action immediately. Okta launched the Identity Cloud for Security Operations app today. It’s available in the ServiceNow app store and has been designed for customers who are using both toolsets. When a customer downloads and installs the app, it adds a layer of identity information inside the ServiceNow security operations interface, giving the operations team access to information about who specifically is involved with a security problem without having to exit their tool to find the information.
2017. Amazon enters single sign-on market
Amazon released a single sign on product for the AWS cloud. With AWS SSO you can easily manage SSO access and user permissions to all of your accounts in AWS Organizations centrally. That’s very different from what other single sign on products like Okta or OneLogin are doing. These companies provide a much more comprehensive approach to single sign on, giving you a central way to log into all of your cloud services (and in some cases on-prem too). This saves you the pain of having separate user names and passwords for every account. You log in once and you have access to all of the included cloud services.
2017. Okta launches free service for startups
Online identity management provider Okta, which counts corporate clients like Nordstrom and government clients like the U.S. Department of Justice, said that it’s now going to let startups use its services for free. Young organizations with up to 25 employees will be able to use Okta Identity Cloud without charge for one year. CEO Todd McKinnon hopes that they’ll become corporate clients as their business grows and they’re satisfied with the secure sign-on services. There are a lot of companies in the secure sign-in space. When asked about startups like Duo or SailPoint, which recently went public, McKinnon said “they have one part of what we offer” and “we have a broad suite.” He believes Okta’s real competitors are the incumbents like IBM, Oracle, Salesforce and Computer Associates.
2017. Duo Security raised $70 million
Duo Security announced $70 million Series D funding at a valuation of $1.17 billion. The Michigan-based SaaS company works with more than 10,000 companies. The company’s main product is a two-factor authentication app but Duo also offers other security products to secure users and their devices. Duo’s solution is cloud-based, which means there's no software to install, and no server to set up. The new investment will help accelerate the company’s technical innovations and operations as well as securing new partnerships.
2017. Google acquired enterprise-class Single Sign-On provider Bitium
Google has acquired Bitium, a company that focused on offering enterprise-grade identity management and access tools, such as single-sign on, for cloud-based applications. This will basically help Google better manage enterprise cloud customer implementation across an organization, including doing things like setting security levels and access policies for applications working across their Cloud and G Suite offerings. The goal of Bitium is to simplify the process of administrating and using popular cloud-based applications so that users aren’t tempted to enter the nefarious realm of “shadow IT,” where they fall back to their own personal accounts across these services because the enterprise alternative is sub-standard or difficult to access.
2017. SAP acquired customer identity management provider Gigya
SAP announced an acquisition of Gigya, a firm that helps online properties manage customer identities and profiles. Gigya today manages some 1.3 billion customer identities across hundreds of sites, existing business that it will bring under SAP’s umbrella. The idea will be to integrate those features into SAP’s wider e-commerce operation to expand the kinds of services it offers to existing customers, and to help sell more e-commerce services to Gigya’s base. Unlike alternatives Gigya originally had its start as a “social” log-in platform in which it helped online properties manage customer profiles as linked with their profiles on sites like Facebook. But a few years ago, the company started to widen out its view of the purpose of identity management and how it can be used for a wider set of customer management features for e-commerce and other sites.
2017. Identity management startup ForgeRock raised $88 million
Enterprise identity startup ForgeRock announced an $88 million Series D investment round. Unlike alternatives ForgeRock allows to authenticate not only users, but also machines and sensors attempting to access your systems. CEO Mike Ellis sees his company’s approach to identity as a natural extension of what’s happening the industry. “The relationships between humans, devices, things and services is driving security,” he says. It’s something the company has been building towards from the earliest days, a platform than can scale to deal with identity from a variety of sources beyond just human users. “We believe you have to exist everywhere — at the device and gateway level like a connected car, but also on prem and in cloud,” he said.
2017. Okta makes 2-factor authentication standard for all customers
Cloud identity provider Okta announced that it’s making 2FA the standard for all its customers. Research suggests that a large number of breaches are related to stolen or weak passwords. Okta recognizes that, so it’s implementing 2FA as a standard, presenting every user with a one-time passcode to add another layer of protection that will be harder for hackers to surface. What’s more, the company also sees the password reuse problem so it’s adding a compromised password detection tool, which can find commonly-used passwords from large, publicly-known data breaches and warn users if they are using them. It’s certainly a big step forward, and while 2FA isn’t a panacea, it’s still better than just a username and password because it’s adding that additional layer of protection.
2017. OneLogin brings some smarts to multi-factor authentication
Multi-factor authentication service OneLogin rolled out a new version of its mobile app that uses machine learning to determine your typical usage patterns and only asks you for a second factor when it determines that it’s absolutely necessary. Most MFA algorithms are rather rigid. If you’re on the network at work, you get asked for a password. If you’re not, you get asked for a second factor, but he says, it should be much more subtle than that, understanding how users access the network. The latest version of OneLogin OTP is designed to fix that. If you log in regularly from your home on the same laptop, after several times the system will learn that this is a common location and device, and you will be allowed onto the network without a second factor.
2016. OneLogin acquires Sphere Secure Workspace to gain mobile management
Cloud identity management provider OneLogin has acquired Sphere Secure Workspace to add mobile device management to their identity-driven security model. Sphere provides a container approach to mobile security where your work content is separated from your personal content inside a virtual container on a single device. This is not a new approach by any means, but it gives OneLogin entree into the light-weight mobile device management space. With Sphere, the company simply blows away the container when an employee leaves a company or loses a device, and the person’s other content remains intact. It gives the employee access to work content in a more secure way with a single log-in, while protecting the personal content.
2016. Enterprise identity management leader Okta expands partnership with Box
Cloud identity management and mobility management provider Okta announced a partnership with Box to support device-level security for the Box mobile app. Okta and Box have a long history together but this expands the friendship. The new solution will allow to apply a set of policies on the device, such as requiring a device PIN before you can use any of the managed apps. Okta’s EMM solution also includes integrated identity across participating apps with Single Sign-On (SSO) along with unified provisioning across all devices, according to the company.
2015. Identity management provider Okta gets $75M
Okta, the cloud identity management company, announced a $75 million round. Okta was valued at $1.2 billion in this deal, meaning it has entered the hallowed halls of the Unicorn club. While being a Unicorn isn’t what it once was, it still is meaningful and a big step for Okta, which has been trying to move beyond pure identity management into areas like security, mobile device management and two-factor identification. The company has been growing 100 percent year over year and as such they were burning through cash. This puts money in the bank and allows them to buy small strategic companies if they become available.
2015. Ping Identity adds authentication via Apple Watch
Identity management platform Ping Identity adds the ability to get your second authentication factor using an Apple Watch. The idea behind the platform is to put identity at the center of the security model and enable users — whether employees, partners or customers — to have access to applications, regardless of the device, based on who they are. You sign on to Ping, then your watch buzzes. You activate it and tap the sign on card on your Watch. It’s a clever way of using the Watch in a useful way to simplify security.
2015. Authy makes 2-factor authentication as painless as possible
Authy, the two-factor authentication startup, unveiled its newest product - OneTouch authentication service that makes two-factor authentication about as painless as possible. Instead of having to enter a code that’s generated on your phone into a web form, OneTouch simply sends a push notification to your phone, asks you to confirm that you want to sign in to the site that sent the notification and you’re in. That’s about as frictionless as two-factor authentication gets. The idea here is that by entering the code into the website, you basically prove that you have access to the phone, too, so you could just as well take this to the next level and use the phone to authenticate yourself.