dcsimg

10 Top Single Sign-On Solutions

SHARE
Share it on Twitter  
Share it on Facebook  
Share it on Linked in  
Email  

Single sign-on (SSO) solutions have become an important part of the security landscape. These solutions do away with the need for users to enter usernames and passwords for individual applications and systems. Instead, users simply sign in once and the solution communicates the appropriate credentials to the separate applications and systems.

SSO technologies utilize proxy and agent architectures, as well as standards-based identity federation. SSO can either be sold as a standalone product or as part of an access management or security suite. Single-sign on is often bundled with access control, centralized authentication, session management, authorization enforcement, multi-factor authentication and other functions.

Some SSO solutions run on-premises, while others run in the cloud, and some provide multiple deployment options. But the cloud is increasingly becoming the preferred option for SSO. Most vendors offer at least a software-as-a-service (SaaS) option on top of on-premises software offerings. And more than a few are now favoring SaaS-only SSO. According to Gartner, while SaaS remains in the minority of SSO offerings, it is by far the largest growth area of SSO and the market is steadily moving in that direction. By 2021, it is predicted to overtake on-premises deployments as the dominant model. Thus vendors hoping to perform well will need to provide cloud-based SSO services.

The following products and services are among the most popular and highly rated SSO solutions, followed by a table breaking down key features of each. For more on our methodology, see Our Top Security Vendor Methodology.

IBM Authentication Solutions

IBM Security Access Manager (ISAM) is IBM's on-premises SSO solution. The company also offers a SaaS SSO solution called Cloud Identity. Gartner Peer Reviews are 73 percent positive, with strong marks for product capabilities, technical support. Those users tend to be from large enterprises. Startup costs are higher relative to most other vendors partly due to the need for professional services. In addition, the SaaS capabilities of Cloud Identity lag some other vendors. Thus, IBM is mainly a candidate for existing IBM customers and enterprises looking for an on-premises deployment.

See our in-depth look at IBM Authentication Solutions
Read user reviews of IBM Authentication Solutions

ForgeRock Identity Platform

ForgeRock is strong in financial services, manufacturing, telco, media, and retail. In other words, large enterprises with complex access management requirements gravitate to ForgeRock. Due to its scalability and extensibility, it works well for any large-scale, customer-facing deployment. As it goes well beyond SSO, those needing only sign-on functions will probably look elsewhere.

See our in-depth look at ForgeRock Identity Platform
Read user reviews of ForgeRock Identity Platform

Micro Focus Access Manager

Micro Focus tends to serve mainly large- to medium-size enterprises for employee and B2B access management. This standalone SSO product can be delivered as SaaS, on premises, appliance or software. It should be considered along with other top vendors such as Okta, Microsoft, and Ping.

See our in-depth look at Micro Focus Access Manager
Read user reviews of Micro Focus Access Manager

OneLogin Unified Access Management Platform

OneLogin Unified Access Management Platform is primarily for workforce to cloud-based applications (B2E), as well as managing access for business partners, customers, and consumers. It gets a 92 percent thumbs up rating in Gartner Peer Reviews. However, SSO is just one function of the platform. It is a good fit for companies of all sizes needing SSO plus broader access management functions.

See our in-depth look at OneLogin Unified Access Management Platform
Read user reviews of OneLogin Unified Access Management Platform

CA Single Sign-On

CA Single Sign-On only gets 59% positive reviews on Gartner Peer Reviews despite being widely considered a market leader. But it does get high marks for user authentication. It is probably best for large enterprise environments with content that is highly sensitive or regulated. It can be used as on-premises software and in cloud and hybrid cloud environments.

See our in-depth look at CA SSO
Read user reviews of CA SSO

Oracle Enterprise Single Sign-On

Another leader that users seem lukewarm on, Oracle Enterprise Single Sign-On only managed 47% positive reviews in Gartner Peer Reviews. Problems cited include complex integration, lack of pricing flexibility, integration challenges, and lackluster service. However, it is used by some of the largest brands across the globe in financial services, retail, higher education, and government. It is probably best suited to large enterprises already running on an Oracle infrastructure.

See our in-depth look at Oracle Enterprise Single Sign-On solutions
Read user reviews of Oracle Enterprise Single Sign-On solutions

Okta Identity Cloud

Okta has 91% positive reviews on Gartner Peer Reviews and earned the top spot in the last Gartner Magic Quadrant. It can serve SMEs to large enterprises and offers industry-specific content tailored to education, energy, financial services, technology, non-profit, healthcare and government verticals. It is available only as a SaaS solution, so some enterprises with compliance or confidentiality hurdles may need to look elsewhere due to the lack of an on-premises option. But anyone willing to run SSO from the cloud should put Okta on their short list.

See our in-depth look at Okta Identity Cloud
Read user reviews of Okta Identity Cloud

Ping Identity

Ping is used by eight of the ten largest banks, seven of the ten largest biopharmaceuticals, four of the five largest healthcare plans and two of the three largest hospitals. It received 91% positive user reviews from Gartner Peer Reviews, but its SSO was rated behind Okta, ForgeRock and OneLogin on single sign-on functionality. Where it beats out some of these rivals, though, is by offering both on-premises and cloud options, making it a top contender for those seeking both.

See our in-depth look at Ping Identity
Read user reviews of Ping Identity

Idaptive Application Services

Idaptive is a new spinoff from Centify, and its Identity-as-a-Service offerings appeal mainly to small businesses and midsize enterprises. Users give it 85 percent positive ratings on Gartner Peer Reviews. But it goes beyond SSO to offer a wide range of application services, and that may be more than some companies desire.

See our in-depth look at Idaptive Application Services
Read user reviews of Idaptive Application Services

Microsoft Azure AD

Microsoft Azure Active Directory (Azure AD) includes Azure AD Connect to support on-premises directory integration and synchronization. Additionally, it includes Active Directory Federation Services (AD FS) as an option to support SSO. Azure AD includes reporting, security analytics, multifactor authentication and user provisioning for SaaS apps. It appeals to any organization, large or small, that uses the Microsoft Azure cloud platform. It's hard to beat for anyone running Azure.

See our in-depth look at Microsoft Azure AD
Read user reviews of Microsoft Azure AD

Top SSO Solutions Compared

Top Single Sign-On Providers
Top Single Sign-On Providers
VendorUse CasesMetricsGartner MQ PositionDeliveryPricing
IBMFinance, government, communications, insurance and manufacturing verticalsCan handle up to 42,000 requests per secondLeaderCloud, on premises, virtual appliance or hybridPer appliance, per processor or per user (starting at $2.50 per employee per month)
ForgeRockFinancial services, automotive/manufacturing, telco/media, and retailLargest installations top 100 million identitiesVisionaryOn premises or in the cloudSubscription pricing model
Micro FocusLarge- to medium-size enterprisesLargest installation is 38 million active users. Each server supports 70,000 concurrent sessions and 500 logins per second.ChallengerSaaS, on premises, appliance, and softwarePrimarily per managed identity
OneLoginCompanies of all sizesScales up to hundreds of thousands of usersLeaderSoftwareStarting at $2 per month per user
CA TechnologiesLarge enterpriseLargest customers: 3 billion transactions per month, 80 million+ usersLeaderOn-premises software, cloud and hybridPer user pricing
OracleFinancial services, retail, higher education, and governmentSupports hundreds of millions of usersLeaderSoftware or cloudPrices vary from one-time set up fees to monthly subscriptions
OktaCompanies of all sizesSupports tens of thousands of employees and partners and millions of usersLeaderSaaSFrom $2 per month per user
Ping IdentityLarge enterpriseScales to hundreds of millions of usersLeaderPhysical server or cloudFrom $28 per user annually
IdaptiveSmall business to midsize enterprisesNew cloud infrastructure supports hundreds of thousands of simultaneous usersVisionaryIdentity-as-a-Service$4 per month per user
Microsoft AzureAzure cloud usersMillions of users in B2C use casesLeaderIdentity-as-a-ServiceFrom $1 per month per user, $6 for premium