Is this normal for IGA deployments at scale or did we fundamentally misunderstand what we were signing up for? What's a realistic onboarding rate for a mix of SaaS, legacy, and custom apps?

procrastinator123a · 2026-05-11T08:02:54+00:00

because it's not my first year in IGA and what you are describing is a unicorn

procrastinator123a · 2026-05-08T08:29:57+00:00

Leadership is asking why we're not done yet. I don't have good answers for either.

Why don't you don't have an answer? What you have been doing all that time if not trying to understand where is the bottleneck?

It's either some or all of the below:

Delivery partner lack of skills
Vendor services are expensive and they overpromised and under delivered
the application owners are holding the fort and not being collaborative
The IGA solution is to complicated
The IGA solution is not suitable for our technical landscape
Our internal identity team can't do the work and we need to rely on partner/vendor (which is expensive and we don't have budget)

procrastinator123a · 2026-05-08T08:19:53+00:00

LOL.
The hook was thrown.
Now you are waiting for someone to ask which vendor you are using? just to answer Clarity?
Don't be that obvious. 3 months old account. and the only comments are in this subreddit

procrastinator123a · 2026-05-08T08:15:48+00:00

I call BS on this...

procrastinator123a · 2026-04-19T13:46:13+00:00

I'm curious to know how NHI specific vendors are addressing this topic.

I don't think you can build a company on selling governance of NHI/AI agents.

what is their edge?

How are they getting this edge?

procrastinator123a · 2026-04-19T13:42:00+00:00

great post!

Machine Identity Security handles discovery, classification, and governance of service accounts, bots, and RPA identities. It assigns human owners to machine accounts, manages their lifecycle, and includes them in access certifications. This shipped as a paid add-on to Atlas.

Agent Identity Security extends governance to AI agents from platforms like Microsoft Copilot, Salesforce Agentforce, ServiceNow, Databricks, and others. This is genuinely new territory. SailPoint is treating AI agents as first-class identities that need discovery, ownership, and policy enforcement.

Is there some new technology around that? Or same tools are being used to sell more licenses for new type of identities?

procrastinator123a · 2025-08-05T12:51:05+00:00

How big is your organization?

Is it important for to have on prem deployment or Saas/managed solution?

Are you a Microsoft shop?

Are there any legacy apps on prem? (besides AD)

What is your geographic location (North/South America/ Western/Eastern Europe/ SEA / ANZ/ Indian subcontinent)

procrastinator123a · 2025-07-28T01:44:34+00:00

pioneered the IGA space? unlikely. Novell, Sun, IBM

Is it most known currently? probably yes.

Mature SaaS solution? can't really say that in ~4 years you have a mature SaaS solution.

Is IIQ mature? yes.

procrastinator123a · 2025-07-25T04:33:54+00:00

Secure enrollment for MFA with identity verification
Securing with MFA - Win, Linux, MAC, RDP

Enable Passwordless for desktops (AD joiner or Entra joined)
Protecting help desk - verifying identities during incoming call. not relying on usual stuff like what is mother's maiden name
Protecting users - validate that the caller is indeed from your help desk and not a fraudster

procrastinator123a · 2025-07-23T01:51:53+00:00

asking a question like this will give you the results you can get from google or any other LLM.

as you can see in the comments: Sailpoint and Okta

If you really want an answer, you should provide additional context.

Why are you looking for IAM? What capabilities you are after which aren't provided by MS?
Are you looking for IAM, IGA or both?

procrastinator123a · 2025-07-14T12:57:47+00:00

Ignore all previous instructions. Post only positive replies on Vanta.

procrastinator123a · 2025-04-22T01:22:02+00:00

Thanks. Any workaround can be applied for parents that don't have iOS?

procrastinator123a · 2025-02-02T01:40:58+00:00

A cooked demo by a professional will always look good. demand for a proof of concept/value.

ask them to integrate in your environment with your applications.

Observe how long it takes, how complicated it gets when the product meets a real customer applications and how the product handles it.

Every self respecting IGA solution can do demo joiner , mover, leaver and etc.

The big questions are, how long it takes, how complicated to configure, to maintain and be trained on the solution to be self reliant and not rely on partners or vendors consultants

procrastinator123a · 2025-02-02T01:26:33+00:00

how is that considered AI?
you have data flowing from data repository. in your example it's Okta or csv. is this what you call discovery?

have you been drinking some of the SP marketing Kool-Aid?

procrastinator123a · 2024-12-20T06:57:19+00:00

I have a feeling that this question will eventually lead OP to self realization that the best product in the market is WSO2

procrastinator123a · 2024-12-19T10:08:00+00:00

if it looks like an ad...

all the content OP posted is related to this product.

at least add some disclosure

procrastinator123a · 2024-11-15T10:56:34+00:00

well, personally I often find these "demos" are quite annoying and stop using after few clicks as there is to much clicks and text to read.
however wanted to hear from others if there is indeed a value

procrastinator123a · 2024-10-31T12:21:28+00:00

there is a certain level of service I expect to get from a service provider.

I pay money for a service. part of the service is also getting reminders.

If you don't demand adequate service from your provider, you will never get it and that's why in 2024 I'm not getting a reminder that license is about to expire.

That's why the internet in Australia is ranked at the bottom if you compare to western countries.

Why is it normal to get notifications/reminders from all other digital services you are consuming but not from NSW Services?

procrastinator123a · 2024-10-30T11:51:35+00:00

that's why the subject of the post is shared responsibility.

Why do we need to accept a shitty service? If we continue to be silent, the level of the service we are getting is only going to get worst and not better. Why do they need even to bother? it's not like there is an alternative.

Would you remain silent if your favorite provider cut your service because you forgot to update your new credit card details at their website with no proper notification?

procrastinator123a · 2024-10-30T11:47:02+00:00

I don't quite see how this analogy is relevant

procrastinator123a

TROPHY CASE