Gartner defines access management (AM) as tools that include authentication, authorization, single sign-on (SSO) and adaptive access capabilities for modern standards-based web applications, classic web applications and APIs.
AM’s purpose is to give people (employees, consumers and other users) and machines access to protected applications in a streamlined and consistent way that enhances the user experience. For people, SSO is part of the enhanced experience. AM is also responsible for providing security controls to protect the user session during runtime. It enforces authentication and runtime authorization using adaptive access. Lastly, AM can provide identity context for other cybersecurity tools and reliant applications to enable identity-first security.

Access Management

The System for Cross-Domain Identity Management (SCIM), also known as Identity Federation provide a protocol, schema definition and extension model for provisioning and managing identity data in cloud/hybrid applications and services. The protocol supports create, read, update and delete (CRUD) operations of identity resources, such as users, groups and custom resource extensions. SCIM reduces the costs of building connectors and synchronizes and consolidates identity data. SCIM uses a standardized protocol based on RESTful APIs and JSON, enabling easy integration with modern web services. It supports full CRUD operations for managing users and groups, and automates the entire user lifecycle from provisioning to deprovisioning across connected systems.
SCIM is widely used by IT administrators, identity managers, and SaaS developers to automate user provisioning and manage identity lifecycles securely across systems. It’s especially valuable in industries like finance, healthcare, education, technology, and government, where secure and compliant identity management is critical.

System for Cross-Domain Identity Management (SCIM)

Gartner defines user authentication as the journey-time process that provides credence in a claim to an identity established for a person for access to digital assets. User authentication is delivered by some combination of (a) an authenticator, (b) signals evaluation and (c) an authentication decision point, which may be from different vendors.
User authentication is used to provide credence in an identity claim for a person already known to an organization. The credence must be sufficient to bring account takeover (ATO) risks within the organization’s risk tolerance. Without effective authentication, the security of and trust in that person’s digital interactions are deeply undermined.
User authentication is foundational to and protects the value of other functions within an organization’s identity fabric, namely: runtime authorization, especially segregation of duties (SOD), audit (individual accountability), and identity analytics.

User Authentication

Gartner defines identity governance and administration (IGA) as the solution to manage the identity life cycle and govern access across on-premises and cloud environments. To accomplish this, IGA tools aggregate and correlate disparate identity and access rights data, and provide full capability controls over accounts and associated access.

Identity Governance and Administration

Microsoft Entra ID Reviews, Ratings & Features 2026 | Gartner Peer Insights

Evaluation and contract negotiation

Evaluation & Contracting

Timeliness of vendor's response

Integration and deployment

Integration & Deployment

Ease of deployment

Product capabilities

Product Capabilities

Auditing

Ease of
  Deployment

Scalability
  and Performance

User authentication

Access policy management

Access policy decision making and enforcement

Coarse and fine grained authorization control

Adaptive access and trust elevation

Single Sign-on

Session management

Security token services for token and protocol translation

Access event logging and reporting

Administer Users and Partners

API Access Control

Authorization and Adaptive Access

Standard Application Enablement

Threat Reporting and ITDR

Non-Standard Application Enablement

SSO and Session Management

Social Identity Support

Directory Services

Internal Access Administration

External Access Administration

Customization and Extensibility

Ease of Deployment

Resilience

Core Access Management

Business to Consumer Capabilities

Business to Business Capabilities

Portable Identity Integration

Service and support

Service & Support

Quality of technical support

Timeliness of vendor's response to support questions

Additional Context

How satisfied is your organization with the product meeting your needs?

Timely and complete response to product questions

Ability to understand your organization's needs

Quality of peer user community

Quality and availability of end-user training

Ease of integration using standard APIs and tools

Availability of quality 3rd-party resources (integrators, service providers, etc.)

Okta Workforce Identity

Okta

Microsoft Entra ID

Microsoft

Ping Identity Platform

Ping Identity

OneLogin

One Identity

Okta Customer Identity

SafeNet Trusted Access

Thales

AWS Identity and Access Management (IAM)

Amazon Web Services (AWS)

Oracle Access Management

Oracle

CyberArk Workforce Identity

CyberArk

SecureAuth Workforce IAM

SecureAuth

50M - 250M USD

<50M USD

250M - 500M USD

500M - 1B USD

1B - 3B USD

3B - 10B USD

30B + USD

Gov't/PS/ED <5,000 Employees

10B - 30B USD

Gov't/PS/ED 5,000 - 50,000 Employees

Gov't/PS/ED 50,000 + Employees

IT Associate

Many small areas lack completion. Group Management is seen as a half-baked implementation and must be coupled with additional products to be a usable Enterprise service. The SSO's inability to be coupled to large metadata providers as well is a limitation that is ignored. MFA has a hard data base limitation causing large organizations to have to be very picky on what MFA options are made available. API permissions are confusing and a security nightmare for security versus application admin. There is no customized access controls in how the API accesses data.

IT ASSOCIATE

Microsoft is a trusted vendor with high quality of services, support and SLA. Entra is a key product for Microsoft, so it is always in focus for the vendor and it provides a very good experience with both (vendor and product).

Google

Other...

Broadcom (VMware)

One Identity (OneLogin)

Broadcom

Auth0

Alibaba Cloud

Cisco Systems

Identity Automation

Akamai

Fortinet

Atos

Quest

Broadcom (Symantec)

IBM (Red Hat)

GoTo

ForgeRock

Salesforce

Strategy Associate

What has worked well - The ease of deployment since we were already owning the licenses and not utilizing the product fully. So deployment/integration was quick.
What has not worked well:
1. The tenant model for Entra ID created a lot of complications, example, lack of integrating multiple tenants with the same domain created complexity for us in terms of building non-prod environments. Required us to create a full new stack of Entra/AD environment.
2. Erratic SSO mechanism when Kerberos is not used, very inconsistent and bad user experience created because of lack of SSO without Kerberos.
3. Product Support - Probably the biggest pain point with the product. Working with Microsoft support has been one of the most challenging aspects if the whole implemenation. A simple case or escalation takes weeks and in that time we are bounced around among multiple teams/engineers without any clear communication or guidance.

IT Services Associate

We found limitations that we have to work around. They are expensive, but de-facto standard.

CHIEF INFORMATION SECURITY OFFICER

Rich in features and ability to integrate with 3rd party services. Hard to administrate. Frequent changes that if you don't follow them you're unable to find what you're looking for on the admin portals.

Architect

Even after all the years Entra ID has been on the market it still feels a little half baked. 
 

IT Manager

Built on a mature platform (Azure AD) its cloud / hybrid setup is familiar, and the documentation and various methods available to administer identities, e.g. PowerShell, Azure CLI PowerShell and Graph API calls, as well as Entra admin portal allow for a lot of different scenarios that go beyond basic admin, such as in-life checks and incident response actions. 

Manager, IT Security and Risk Management

Entra ID, to me, works great right out of the box for smaller companies that don’t have a security team to keep things managed with best practice in mind. in fact, to lower the security, you have to intentially want to do this and ignore Microsoft’s suggestions while you do so.

where i love it is when you do have a security team and have P2 licensing, which brings everything together with CA policies, risk based polices and added Defender recommendations. Having your CA policies tied to risky users and the ability to get as granular as possible makes the attack surface a bit smaller, and that isnt even bringing the awesome PIM setup into the conversation yet.

CYBER AND INFORMATION SECURITY ENGINEER

An Entra ID tenant is set up very easily and comes with good basic security features. This allows even small teams to benefit from a central, cloud-based user directory. More advanced features require additional licensing. 

SOFTWARE DEVELOPER

It has been a reliable platform that integrates well with the MS ecosystem. It works very well with MS 365 and Azure and features like single sign-on and multi-factor authentication are easy for users while still being secure. The main downsides are the confusing licensing and the learning curve for more advanced security setup. 

Active

Find the top Access Management Tools with Gartner. Compare and filter by verified product reviews and choose the software that’s right for your organization.

50M-1B USD

1B-10B USD

10B+ USD

Gov't/PS/Ed

IT Support Specialist

Overall, Microsoft Entra ID offers excellent help in managing multiple logins and controlling user access securely.I like the Single Sign On feature which allows us to just sign in once to access different apps, this saves time and reduces password reset tickets to our IT Team.Also the conditional access feature allows us to implement policies that vary based on location, user risk and device which is helpful in having strong security effortlessly. 

IT COMMUNICATIONS LEAD

Entra ID is a great product, whose biggest benefits are the integration with Microsoft 365 products.

Information Technology Support Specialist

I use Microsoft Entra ID to help manage user access and various permissions across our organization. Essentially, it has allowed us to control application access and to secure our sensitive resources through SSO and MFA. It has also allowed the organization to easily enforce policies, especially those related to security. 

Infrastructure Engineer

Robust Idp platforms, which provides reliability and security on the authentication and access management of a company.

IT CONSULTANT

This product presents a top notch experience.The capability to unify our user authentication, reduces reliance on manual provisioning and fosters security with features like MFA saves time and improves the user experience.Empower secure access management and protection from credential based attacks which boosts confidence and peace of mind knowing we always have a secure and purpose fit access whether working in office, remote or hybrid. Uses Conditional Access and Identity Protection to monitor user behavior and control app access in real time, which helps keep data safe.Connects easily with a wide range of apps, enabling a single system for managing user access across the organization. 

Chief Information Officer

Love using Microsoft Entra ID because it makes sure my accounts stay safe and unreachable from any unauthorized person and I can easily manage them. It has single sign on so I can login into multiple accounts using a single set of credentials.

IT Security & Risk Management Associate

Microsoft Entra ID is a good product that we enjoy a lot.  It is very customizable.  It integrates into the Microsoft ecosystem very well.  

Director Of Marketing And Communications

It is a reassuring tool which keeps security high and keeps things safe as I can use the single sign on feature to access multiple apps without entering the password again and again.

DIRECTOR OF INFORMATION MANAGEMENT

Microsoft Entra ID has ability to work fine across different environments such as cloud and on premises also it provides strong features for identity governance which helps me alot to audit and control access. 

Microsoft Entra ID is an identity and access management software designed to help organizations securely manage user identities and control access to applications and resources. The software offers features such as single sign-on, multifactor authentication, and conditional access policies to facilitate secure authentication and authorization processes. Entra ID enables centralized administration of users, groups, and devices, supporting hybrid environments with integration across cloud-based and on-premises applications. It addresses the business need for secure access management by providing tools for identity governance, monitoring, and reporting on user activities. The software helps organizations reduce security risks associated with unauthorized access and streamlines user lifecycle management.

Microsoft enables digital transformation for the era of an intelligent cloud and an intelligent edge. Its mission is to empower every person and every organization on the planet to achieve more. Microsoft is dedicated to advancing human and organizational achievement.

Microsoft Security helps protect people and data against cyberthreats to give peace of mind.


Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today. Our culture doesn’t just encourage curiosity; it embraces it. Each day we make progress together by showing up as our authentic selves. We show up with a learn-it-all mentality. We show up cheering on others, knowing their success doesn't diminish our own. We show up every day open to learning our own biases, changing our behavior, and inviting in differences. When we show up, we achieve more together. 

Microsoft operates in 190 countries and is made up of more than 220,000 passionate employees worldwide.