JumpCloud vs. Microsoft Entra ID vs. OneLogin by One Identity

JumpCloud is least suited in situations where you have few devices, but lots of users. JumpCloud heavily focuses on the "One-User-One-Device" type of use, and does lack some of the features things like Active Directory is better suited for when having multiple users accessing one machine. Their Powershell APIs are fantastic and getting only more powerful. Lots of features are hidden behind these APIs, so admins not as familiar with Powershell would have more issues leveraging these tools. BYOD deployments are amazing, especially for macOS devices that are using Apple Business Manager and can leverage Zero Touch deployments. It is especially good at handling mixed systems, whereas other options, such as Jamf, are really suiting only for macOS, or Intune is more suited for Windows; JumpCloud managed to handle both systems well.

That one is tough. It's just easy to integrate the sign-on portion with other products from other companies. Like BluePoint or Podint. It's very easy to integrate the user information with others. Using Android ID to register an application with other companies' applications.

Incentivized

OneLogin is very convenient. Users can register their own iPhone or Android to act as their authorization device, meaning they will likely always have access to the OneLogin security code. The OneLogin application then allows the users to hit a button instead of inputting the security code to validate their two-factor authorization. OneLogin is great for businesses who need to enforce secure access into their various systems and tools. By consolidating the security into a single login with security device two-factor authorization, it makes it safe and easy to manage.

Incentivized

• User Management - The ability to control our users and set password/polices is made easy in the JC console
• Device Management - Using JC each user is assigned to their own device with only the rights to do their job - When elevated rights are required, this is done simply via the JC console for the period of time required
• SSO - Using JC's SAML SSO integrations we are building out our SSO offering and this is making for a much simpler daily user experience

Incentivized

• The first thing is that it's a really good platform to make a whole inventory of your hardware and software that you already have in the organization. It's very simple. It's very easy to look at what you have in the whole organization. And after that, start applying, for instance, some policies, some solutions in terms of zero trust access using MFA as a second form of authentication. So, these are the ways we use the MTIV platform.

Incentivized

• Connects with a lot of different vendors, tools, and sites. It is also customizable to where you can add almost any site you are logging into. This makes it especially useful for team members who may use a tool that other team members within the company do not use.
• It works. I've used a few keychain apps that work for a little while, or never work, and this app works 99.99% of the time. Only on one experience have I experienced issue access sites and that was due to user error.
• It's easy to update passwords and usernames within the app. It allows password resets to be an easy process and lowers the time in updating items everywhere.

Incentivized

• SSO via OpenID - Opening up their SSO from just SAML to including OpenID (OAuth) would allow us to make more use of the service and to also incorporate it into some internal testing suites
• Time Limited User Elevation - The ability to time limit a users elevation of privileges would be a great addition
• Extending device management to include LPA - Least Privilege Access is becoming a bigger ask from our external auditors - Being able to do this via JC would be amazing

Incentivized

• There is one thing that we lost since we migrated from Active Directory and it is the user expiration date. If I have an external that I know will work for six months, I have to manually check or put some kind of reminder. I cannot set an expiration date in Microsoft Entra ID. I still don't know why.

Incentivized

• Lack of administrative APIs for creating or setting up new connectors: This prevents the automated integration to federations and requires manual setup rather than discovery-based automated setup.
• Customization of the interface: The potential configuration of the interface are still limited at the moment (logo, primary and secondary colors, background). This prevents the usage of the platform as a communication medium or to organize the space in a more standard fashion (for our institution)
• There are some limitations with using the apps provisioning APIs that can lead to some termination or provisioning actions not being completed

Incentivized

MSFT Entra ID has been essential for managing our geographically dispersed team. We're confident that it will scale with us as grow, and we'll be able to take advantage of additional security and ID management features as they become necessary. Being able to centrally manage our user access from anywhere with a small support team is such a relief.

Incentivized

It's simple. I like how JumpCloud keeps things simple. Similar to Apple's ecosystem, they give you what you want with some extra features and bells and whistles but it doesn't take a large instruction manual to use it. They have the support system and KB articles to back up their product and learn about a feature and how to implement it

Incentivized

It's not complex. It works as configured, right? There's a lot of granular rules, and it'll get very specific if you need it to. But for many of our security capabilities, especially for mid-market enterprises, I think you can get all the capabilities you typically need with OnStar.

Incentivized

OneLogin is very easy to use. The most complicated part is the user setup and even that is not difficult. After everything is working, using it day to day is trivial. All you have to do is have the application ready on your phone and you can use a single set of login credentials to access all of your tools securely.

Incentivized

There has been a handful of outages but they have been either minimal or rarely severe

Incentivized

I could probably rate this a 10 but I'm always conservative on giving out perfect scored bt performance has not been a problem for us using Entra ID.

Incentivized

I have rarely contacted support. When I have, the responses were within expected time frames, and easy to access. Community support is incredible, both from the JumpCloud representatives, and the user base community at large. The support pages on the website also are typically very well written and strike a nice balance between having the technical information needed, and also being easy to understand for the small business types that might not have as much of a technical background as an IT Admin.

I have not needed to engage support for anything at this time. I have been able to find the answers either online or in a knowledgebase. I tried to skip the question but it would not let me, so I rated a 9 based on other interactions with Microsoft support I have had

Incentivized

There has never been an issue where I have needed to use the OneLogin support so it would be unfair to rate them anything other than a 10 on their ability to provide support. Like I said its a very basic platform that we use it for with no issues.

Incentivized

Most training was internally produced

Incentivized

Being responsible for choosing the product after a POC and pilot we found the process to be simple and effective

Incentivized

Make sure you use a good partner. Our implementation was a bit longer and more problematic than we expected. Our partner got it done, but, in my opinion, some of their inexperience and staffing issues were evident.

Incentivized

Incentivized

Microsoft Entra ID is not as stand-alone product as competitors like Okta. It may lack some of the features that competing products have but on the other hand it integrates both technically and license wise with other Microsoft cloud services and is easy to deploy. It is also the easiest way to extend identity management to the cloud if you already have Microsoft Active Directory in use.

Incentivized

OneLogin has a lesser cost as compared to other solutions. It also has a successful POC, partner expertise, integration with in-house and cloud-based apps, and provides restriction of access from unauthorized devices. It is a secure solution with industry-standard encryption, a good dashboard, and a cloud-based solution. In my opinion, there is not too much effort involved in the integration and it provides good OEM support.

Incentivized

Some features would make more sense for us to be bundled by machine, instead of the user. We have fewer machines, and multiple users log into one machine, so doing something like paying per user for services like Patch Management are difficult to warrant the cost. I also feel a more complete package that includes common addon features; Patch Management and Password Manager, would be an improvement. It would also be nice if we could change packages, addons, and other billing services via self-service instead of reaching out to our account manager.

The features are getting addresses per requirements and their value for Money. The proposed ROI and actual ROI build confidence.

Scalability is pretty trival for Entra ID. It's not difficult to manage a few or many accounts.

Incentivized

services and professional team and support teams are good

Incentivized

Microsoft Professional Services' technical knowledge is appreciable as consultants design the solution as per customer requirements. Mapping of features per user specifications and assisting Customer IT engineers to implement so they can manage and administer the services.

• Very easily add, or disable employee logins
• Reduce "password fatigue" by being able to reduce password expiration requirements, and having single sign on
• Higher security and visibility of security issues
• Reduced onboarding time from days to minutes
• Enabled easy reassignment of user accounts to another user via groups when employees leave
• Quick securing of terminated users, or otherwise compromised accounts
• Reduced user disablement time from previous manual methods requiring days, to literal minutes

• Definitely, I can consider this one a positive because, as I mentioned earlier, it's a tool that can help our internal ID team track end users' activities in their sign-in logs and a lot of other things, which is really good and helpful for us.

Incentivized

• The one big benefit would be time-saving. It is a very convenient platform.
• The access outside of the office also allows me to work at home or in my spare time for additional business that needs to be taken care of.

Incentivized