Thank you!
Thanks for your enquiry. Someone from our support team will reach out you ASAP. Not fast enough? Call us at +91 87544 44337
Platform agnostic
On-prem or cloud
IAM is a critical component of your security strategy. But many IAM solutions integrate only with cloud-based applications, leaving your legacy, on-prem applications out in the cold. Akku plays well with ALL of your apps. Our 500+ pre-built connectors enable effortless integration with most popular SaaS platforms. And we're by your side to develop custom connectors to your in-house applications - whether they're on the cloud or hosted on-premises. Meaning your IAM deployment covers every corner of your IT environment for comprehensive security.
Akku's 500+ pre-built connectors and custom integrations for both cloud and on-prem apps ensure your IAM deployment covers every corner of your IT environment for comprehensive security
Friction-free
implementation
Getting your IAM up and running can be complicated and expensive - a major reason for failed IAM projects. Akku has been designed to be user-friendly and intuitive for anyone with minimal technical knowledge to set up. Akku's DIY design has been carefully crafted by studying several of its competitors. We have used intuitive workflows so that you find what you need without looking up a training manual. Even so, our pre-sales team is standing by to help with implementation and ensure you get everything you need out of the product.
Akku's DIY design is user-friendly, requiring minimal technical knowledge. Intuitive workflows eliminate the need for training manuals, and our pre-sales team is available to assist with implementation.
No-limits
customizability
and flexibility
Akku embodies the philosophy that IAM cannot be one-size-fits-all. Its modular architecture lets you implement only the functionality you need. Your security needs today are not the same as last year, and they'll look significantly different next year. Akku is built to ensure you can adapt to your changing needs and implement what you need when you need it. The result is a cost-effective path to meeting your security priorities at every stage of your business' growth. From unique workflows to custom access control functionalities, tell your Akku account manager what you need, and we'll build it for you.
Akku's modular architecture adapts to your changing security needs, allowing you to implement only the functionality you require, resulting in a cost-effective solution.
Consultative
Approach
We put our customers' needs above all else; we are happy to consult with you and evaluate whether you need our product. Akku and its features fit only some businesses and we don't want to fit a square peg in a round hole. We are here to help you decide what is important and what isn't regarding your cybersecurity needs. We may even provide solutions and suggestions that may lead you away from our product, and that's okay. We would rather provide you with actual value than sell you something you don't need.
We prioritize our customers' needs and offer consultations to assess if our product suits
them.
We're happy to provide solutions that may even lead you away from our product, we value providing
actual value
over
making a sale.
In-depth product comparisons
Save time by getting all key details in one place
VS
| Feature |  |
 |
|---|---|---|
|
Implementation Complexity
|
Employs microservices architecture for easy integration, customization and maintenance without business interruption. Provides a dedicated dashboard for Managed Services Providers (MSPs) to manage customers and their respective users, with user behavior analytics and metrics on authentication, authorization, and details on what applications are accessed by which user. Facilitates tenant and user creation with a step-by-step wizard requiring minimal to no training. Provides easily customizable mail notification templates. Offers cost-effective implementation plans. |
Comes packaged in a single project, which makes understanding the framework and codebase time-consuming. No dashboard available to provide metrics - metrics are available only if Keycloak is integrated with Grafana or any other monitoring tool. Customization of user activation and other mail notifications templates is cumbersome - it requires creating a theme with the necessary configuration to extend KeyCloak, and there is also insufficient documentation on this process. |
|
Documentation
& Support
|
Ensures cost-effective 24x7 support and provides detailed documentation. |
Provides limited online support and documentation, resulting in time-consuming debugging. |
|
Infrastructure Deployment
|
Deployed on a highly secure environment utilizing Kubernetes clusters and an Istio service mesh to ensure all traffic flows through a secure tunnel. Includes robust backup and failover mechanisms for deployed cloud resources, along with a monitoring system that continuously tracks each cloud resource. Sends immediate notifications to the DevOps team in the event of an incident for rapid resolution, ensuring high application availability. |
No readily available deployment infrastructure. |
|
Infrastructure Costs and Management
|
Manages all client instances through a K8s cluster environment allowing for ‘true' multi-tenant architecture that optimizes cost and facilitates efficient management of all the instances. |
All client instances need to be individually managed. |
|
Nested Multi-Tenancy
|
Allows for multiple levels of sub-tenants within each tenant along with their own administration console |
Available. |
|
Authenticate with existing Directory
|
Allows for authentication to the IAM platform using the organizations's existing directory service. |
Available. |
|
Identity broker
|
Enables you to integrate with and leverage any existing identity provider in the organization. |
Enables you to integrate with and leverage any existing identity Provider in the organization. |
|
LDAP & AD Integration
|
Provides readily available connectors for AD and LDAP, and can be connected through Akku's wizard. |
Providers readily avaliable connectors, but requires Keycloak-specific domain knowledge to integrate. |
|
SAML Authentication
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Available, but requires Keycloak-specifi domain expertise. |
|
OpenID
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required |
Available, but requires Keycloak-specifi domain expertise. |
|
OAuth2
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required |
Available, but requires Keycloak-specific domain expertise. |
|
SSO
|
Provides plug-and-play SSO with white-label options. |
Available. |
|
Single Logout
|
Enables single logout functionality, ensuring that when a user logs out of Akku, all integrated applications are automatically logged out. |
Not available. |
|
Desktop SSO
|
Allows users to log in from their Windows laptop or desktop and seamlessly access configured service provider applications without requiring additional authentication. |
Not available. |
|
SSO with Credential Replay
|
Allows for SSO to legacy apps that do not support federated authentication using Credential Replay |
Available. |
|
Configurable SSO App Dashboard
|
Allows the user to configure their SSO dashboard to add, remove, display or hide the listed apps. |
Not available. |
|
Configurable / Auto App Arragement in Dashboard
|
Allows users to arrange apps in the SSO dashboard into folders, ordered by most frequently used, alphabetically or based on user preference. |
Not available. |
|
Preferred Browser SSO
|
Allows the administrator or user to select the preferred browser on which each SSO application launches, based on which browser each app works best on. |
Not available. |
|
Auto Launch SSO Apps
|
Allows the administrator or user to select apps that have to be launched with SSO automatically when the machine starts. This requires Desktop SSO to be implemented. |
Not available. |
|
MFA
|
Provides multi-factor authentication (MFA) and adaptive MFA (AMFA) with a range of factors including push notification, face/touch, Google Authenticator and OTP based authentication. |
Available. |
|
Password Policy
|
Enables comprehensive password policy management, including length, complexity, expiration, and prevention of reuse. |
Not available. |
|
Configurable Auto Account Unlock
|
Enables locked user accounts to be automatically unlocked within a specified duration |
Enables locked user accounts to be automatically unlocked within a specified duration. |
|
Mobile Password Management
|
Allows users to manage their passwords using their mobile devices. |
Not available. |
|
Locked Out User Password Reset & Account Unlock
|
Allows locked out users to unlock their accounts or reset their passwords. |
Not available. |
|
Password Sync
|
Allows synchronization of users' passwords from the directory to all their apps that require credential replay for SSO. |
Not available. |
|
Roaming User Password Management
|
Allows for the password in the machine cache to be updated upon change or reset of password from outside the directory domain network. |
Not available. |
|
IP-based Restriction
|
Enables allowing access to applications only from authorized IPs through a simple configuration process. |
Enables allowing access to the admin console only from certain IPs. |
|
Location-based Restriction
|
Provides a facility to restrict access to users from a particular location. |
Not available. |
|
Device-based Restriction
|
Provides a dedicated access manager that enables allowing access only from authorized devices, and also allows integration with third party applications. |
Not available. |
|
MDM
|
Enables authorization, blocking, and revocation of access on individual devices including enforcing passcodes and remote data wipe. |
Not available. |
|
Provisioning / Deprovisioning of Applications
|
Provides application provisioning based on Akku's role-based access control (RBAC) as part of user onboarding, with single click deprovisioning across all applications. Provisioning is achieved through a dedicated provisioning engine with dedicated connectors to each target application. |
Not available. |
|
Subscription & User Management of Third-party Apps
|
Provides this functionality, with SAML 2.0 integration already done with 100+ SaaS applications |
Not available. |
|
Reports
|
Provides detailed audit logs for tracking all events related to access and session usage, enabling reports to be generated for specific time periods and for specific users and the applications they access. Also allows Build Your Own Reports at each tenant level. |
Provides basic reports on active sessions and user sessions that are not easy to understand. Does not provide Build Your Own Reports functionality. |
|
SaaS Application Usage Analytics
|
Provides daily monitoring of user activity track effective usage. Provides usage statistics to the tenant administrator, enabling informed decisions on deprovisioning users who are not actively utilizing integrated applications, which directly relates to effective utilization and cost management of SaaS applications. |
Provides usage analytics, but there is no specific intelligence provided to allow administrators to monitor and optimize licenses based on usage of SaaS applications. |
| Feature | |
 |
|---|---|---|
|
Implementation Complexity
|
Employs microservices architecture for easy integration, customization and maintenance without business interruption. Provides a dedicated dashboard for Managed Services Providers (MSPs) to manage customers and their respective users, with user behavior analytics and metrics on authentication, authorization, and details on what applications are accessed by which user. Facilitates tenant and user creation with a step-by-step wizard requiring minimal to no training. Provides easily customizable mail notification templates. Offers cost-effective implementation plans. |
Provides user-friendly with guided setup and no-code integration options. Requires expensive third-party vendor engagement for implementation. |
|
Documentation
& Support
|
Ensures cost-effective 24x7 support and provides detailed documentation. |
Provides extensive documentation, training, and dedicated support, but support plans are expensive. |
|
Infrastructure Deployment
|
Deployed on a highly secure environment utilizing Kubernetes clusters and an Istio service mesh to ensure all traffic flows through a secure tunnel. Includes robust backup and failover mechanisms for deployed cloud resources, along with a monitoring system that continuously tracks each cloud resource. Sends immediate notifications to the DevOps team in the event of an incident for rapid resolution, ensuring high application availability. |
Provides cloud-based deployment with high availability and scalability. |
|
Infrastructure Costs and Management
|
Manages all client instances through a K8s cluster environment allowing for ‘true' multi-tenant architecture that optimizes cost and facilitates efficient management of all the instances. |
Offers flexible subscription plans with centralized management tools. |
|
Nested Multi-Tenancy
|
Allows for multiple levels of sub-tenants within each tenant along with their own administration console |
Provides a multi-tenant environment where organizations can create separate tenants (organization units) for different customers or divisions, but does not natively support nested multi-tenancy (i.e., a tenant creating sub-tenants). |
|
Authenticate with existing Directory
|
Allows for authentication to the IAM platform using the organizations's existing directory service. |
Allows for sync of user identities from the organization's existing directory to the platform's cloud directory. However, authentication happens with the platform's cloud directory. |
|
Identity broker
|
Enables you to integrate with and leverage any existing identity provider in the organization. |
While integration may be possible, authentication still has to be done using the platform's identity provider. |
|
LDAP & AD Integration
|
Provides readily available connectors for AD and LDAP, and can be connected through Akku's wizard. |
Supports LDAP and AD synchronization for seamless user management. |
|
SAML Authentication
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Supports SAML authentication for federated identity management. |
|
OpenID
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required |
Supports OAuth2 for securing API access and authentication flows. |
|
SSO
|
Provides plug-and-play SSO with white-label options. |
Provides SSO, but white-label option is not available. |
|
OAuth2
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Available. |
|
Single Logout
|
Enables single logout functionality, ensuring that when a user logs out of Akku, all integrated applications are automatically logged out. |
Supports single logout for SAML and OpenID-based authentication. |
|
Desktop SSO
|
Allows users to log in from their Windows laptop or desktop and seamlessly access configured service provider applications without requiring additional authentication. |
Supports Windows and Mac desktop SSO for passwordless authentication. |
|
SSO with Credential Replay
|
Allows for SSO to legacy apps that do not support federated authentication using Credential Replay^ |
Available. |
|
Configurable SSO App Dashboard
|
Allows the user to configure their SSO dashboard to add, remove, display or hide the listed apps.^ |
Allows the user to configure their SSO dashboard to add, remove, display or hide the listed apps. ^ |
|
Configurable / Auto App Arragement in Dashboard
|
Allows users to arrange apps in the SSO dashboard into folders, ordered by most frequently used, alphabetically or based on user preference. |
Not available. |
|
Preferred Browser SSO
|
Allows the administrator or user to select the preferred browser on which each SSO application launches, based on which browser each app works best on. |
Not available. |
|
Auto Launch SSO Apps
|
Allows the administrator or user to select apps that have to be launched with SSO automatically when the machine starts. This requires Desktop SSO to be implemented. |
Not available. |
|
MFA
|
Provides multi-factor authentication (MFA) and adaptive MFA (AMFA) with a range of factors including push notification, face/touch, Google Authenticator and OTP based authentication. |
Provides adaptive MFA with SMS, email, push notifications, and biometric options. |
|
Password Policy
|
Enables comprehensive password policy management, including length, complexity, expiration, and prevention of reuse. |
Supports strong password policy enforcement, including complexity and expiration rules. |
|
Configurable Auto Account Unlock
|
Enables locked user accounts to be automatically unlocked within a specified duration |
Enables locked user accounts to be automatically unlocked within a specified duration. |
|
Mobile Password Management
|
Allows users to manage their passwords using their mobile devices. |
Not available. |
|
Locked Out User Password Reset & Account Unlock
|
Allows locked out users to unlock their accounts or reset their passwords. |
Not available. |
|
Password Sync
|
Allows synchronization of users' passwords from the directory to all their apps that require credential replay for SSO. |
Not available. |
|
Roaming User Password Management
|
Allows for the password in the machine cache to be updated upon change or reset of password from outside the directory domain network. |
Not available. |
|
IP-based Restriction
|
Enables allowing access to applications only from authorized IPs through a simple configuration process. |
Provides this functionality, but using the adaptive MFA feature instead of through a proper access manager. |
|
Location-based Restriction
|
Provides a facility to restrict access to users from a particular location. |
Provides this functionality, but using the adaptive MFA feature instead of through a proper access manager. |
|
Device-based Restriction
|
Provides a dedicated access manager that enables allowing access only from authorized devices, and also allows integration with third party applications. |
Supports device-based access control using FastPass authentication. |
|
MDM
|
Enables authorization, blocking, and revocation of access on individual devices including enforcing passcodes and remote data wipe. |
Available only through bolt-on third-party MDM solutions. |
|
Provisioning / Deprovisioning of Applications
|
Provides application provisioning based on Akku's role-based access control (RBAC) as part of user onboarding, with single click deprovisioning across all applications. Provisioning is achieved through a dedicated provisioning engine with dedicated connectors to each target application. |
Provides limited provisioning functionality using JIT provisioning or SCIM provisioning using a third party - not a reliable or recommended approach to provisioning. |
|
Subscription & User Management of Third-party Apps
|
Provides this functionality, with SAML 2.0 integration already done with 100+ SaaS applications |
Supports third-party application management with SSO and user lifecycle automation. |
|
Reports
|
Provides detailed audit logs for tracking all events related to access and session usage, enabling reports to be generated for specific time periods and for specific users and the applications they access. Also allows Build Your Own Reports at each tenant level. |
Provides advanced reporting and analytics with detailed security insights. Does not provide Build Your Own Reports functionality. |
|
SaaS Application Usage Analytics
|
Provides daily monitoring of user activity track effective usage. Provides usage statistics to the tenant administrator, enabling informed decisions on deprovisioning users who are not actively utilizing integrated applications, which directly relates to effective utilization and cost management of SaaS applications. |
Provides usage analytics, but there is no specific intelligence provided to allow administrators to monitor and optimize licenses based on usage of SaaS applications. |
| Feature | |
 |
|---|---|---|
|
Implementation Complexity
|
Employs microservices architecture for easy integration, customization and maintenance without business interruption. Provides a dedicated dashboard for Managed Services Providers (MSPs) to manage customers and their respective users, with user behavior analytics and metrics on authentication, authorization, and details on what applications are accessed by which user. Facilitates tenant and user creation with a step-by-step wizard requiring minimal to no training. Provides easily customizable mail notification templates. Offers cost-effective implementation plans. |
Provides simplified setup with step-by-step integration guides. Requires expensive third-party vendor engagement for implementation. |
|
Documentation
& Support
|
Ensures cost-effective 24x7 support and provides detailed documentation. |
Provides extensive documentation, training, and dedicated support, but support plans are expensive. |
|
Infrastructure Deployment
|
Deployed on a highly secure environment utilizing Kubernetes clusters and an Istio service mesh to ensure all traffic flows through a secure tunnel. Includes robust backup and failover mechanisms for deployed cloud resources, along with a monitoring system that continuously tracks each cloud resource. Sends immediate notifications to the DevOps team in the event of an incident for rapid resolution, ensuring high application availability. |
Provides cloud-based deployment, ensuring minimal maintenance and security updates. |
|
Infrastructure Costs and Management
|
Manages all client instances through a K8s cluster environment allowing for ‘true' multi-tenant architecture that optimizes cost and facilitates efficient management of all the instances. |
Provides a cost-effective subscription model with automated maintenance. |
|
Nested Multi-Tenancy
|
Allows for multiple levels of sub-tenants within each tenant along with their own administration console |
Provides multi-tenancy in identity and access management, especially for MSPs and enterprise customers, but true nested multi-tenancy (sub-tenants under tenants) is not a core feature. |
|
Authenticate with existing Directory
|
Allows for authentication to the IAM platform using the organizations's existing directory service. |
Allows for sync of user identities from the organization's existing directory to the platform's cloud directory. However, authentication happens with the platform's cloud directory. |
|
Identity broker
|
Enables you to integrate with and leverage any existing identity provider in the organization. |
While integration may be possible, authentication still has to be done using the platform's identity provider. |
|
LDAP & AD Integration
|
Provides readily available connectors for AD and LDAP, and can be connected through Akku's wizard. |
Provides built-in support for LDAP and Active Directory integration. |
|
SAML Authentication
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Provides built-in SAML authentication with easy configuration. |
|
OpenID
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required |
Offers OpenID authentication for third-party applications. |
|
OAuth2
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Provides OAuth2 authentication for seamless API security. |
|
SSO
|
Provides plug-and-play SSO with white-label options. |
Provides SSO, but white-label option is not available. |
|
Single Logout
|
Enables single logout functionality, ensuring that when a user logs out of Akku, all integrated applications are automatically logged out. |
Supports single logout for SAML and OpenID-based authentication. |
|
Desktop SSO
|
Allows users to log in from their Windows laptop or desktop and seamlessly access configured service provider applications without requiring additional authentication. |
Provides desktop SSO for Windows and Linux environments. |
|
SSO with Credential Replay
|
Allows for SSO to legacy apps that do not support federated authentication using Credential Replay^ |
Available. |
|
Configurable SSO App Dashboard
|
Allows the user to configure their SSO dashboard to add, remove, display or hide the listed apps.^ |
Not available. |
|
Configurable / Auto App Arragement in Dashboard
|
Allows users to arrange apps in the SSO dashboard into folders, ordered by most frequently used, alphabetically or based on user preference. |
Not available. |
|
Preferred Browser SSO
|
Allows the administrator or user to select the preferred browser on which each SSO application launches, based on which browser each app works best on. |
Not available. |
|
Auto Launch SSO Apps
|
Allows the administrator or user to select apps that have to be launched with SSO automatically when the machine starts. This requires Desktop SSO to be implemented. |
Not available. |
|
MFA
|
Provides multi-factor authentication (MFA) and adaptive MFA (AMFA) with a range of factors including push notification, face/touch, Google Authenticator and OTP based authentication. |
Offers multi-factor authentication using TOTP, push, and biometric methods. |
|
Password Policy
|
Enables comprehensive password policy management, including length, complexity, expiration, and prevention of reuse. |
Provides configurable password policies to meet security standards. |
|
Configurable Auto Account Unlock
|
Enables locked user accounts to be automatically unlocked within a specified duration |
Enables locked user accounts to be automatically unlocked within a specified duration. |
|
Mobile Password Management
|
Allows users to manage their passwords using their mobile devices. |
Not available. |
|
Locked Out User Password Reset & Account Unlock
|
Allows locked out users to unlock their accounts or reset their passwords. |
Not available. |
|
Password Sync
|
Allows synchronization of users' passwords from the directory to all their apps that require credential replay for SSO. |
Not available. |
|
Roaming User Password Management
|
Allows for the password in the machine cache to be updated upon change or reset of password from outside the directory domain network. |
Not available. |
|
IP-based Restriction
|
Enables allowing access to applications only from authorized IPs through a simple configuration process. |
Provides this functionality, but using the adaptive MFA feature instead of through a proper access manager. |
|
Location-based Restriction
|
Provides a facility to restrict access to users from a particular location. |
Provides this functionality, but using the adaptive MFA feature instead of through a proper access manager. |
|
Device-based Restriction
|
Provides a dedicated access manager that enables allowing access only from authorized devices, and also allows integration with third party applications. |
Provides device-based access control, including MAC address-based restrictions. |
|
MDM
|
Enables authorization, blocking, and revocation of access on individual devices including enforcing passcodes and remote data wipe. |
Available. |
|
Provisioning / Deprovisioning of Applications
|
Provides application provisioning based on Akku's role-based access control (RBAC) as part of user onboarding, with single click deprovisioning across all applications. Provisioning is achieved through a dedicated provisioning engine with dedicated connectors to each target application. |
Provides limited provisioning functionality using JIT provisioning or SCIM provisioning using a third party - not a reliable or recommended approach to provisioning. |
|
Subscription & User Management of Third-party Apps
|
Provides this functionality, with SAML 2.0 integration already done with 100+ SaaS applications |
Provides subscription and user management features for integrated applications. |
|
Reports
|
Provides detailed audit logs for tracking all events related to access and session usage, enabling reports to be generated for specific time periods and for specific users and the applications they access. Also allows Build Your Own Reports at each tenant level. |
Provides comprehensive reporting capabilities for user activity and access monitoring. Does not provide Build Your Own Reports functionality. |
|
SaaS Application Usage Analytics
|
Provides daily monitoring of user activity track effective usage. Provides usage statistics to the tenant administrator, enabling informed decisions on deprovisioning users who are not actively utilizing integrated applications, which directly relates to effective utilization and cost management of SaaS applications. |
Provides usage analytics, but there is no specific intelligence provided to allow administrators to monitor and optimize licenses based on usage of SaaS applications. |
| Feature | |
 |
|---|---|---|
|
Implementation Complexity
|
Employs microservices architecture for easy integration, customization and maintenance without business interruption. Provides a dedicated dashboard for Managed Services Providers (MSPs) to manage customers and their respective users, with user behavior analytics and metrics on authentication, authorization, and details on what applications are accessed by which user. Facilitates tenant and user creation with a step-by-step wizard requiring minimal to no training. Provides easily customizable mail notification templates. Offers cost-effective implementation plans. |
Comes designed for ease of use with a straightforward setup process. Requires expensive third-party vendor engagement for implementation. |
|
Documentation
& Support
|
Ensures cost-effective 24x7 support and provides detailed documentation. |
Provides extensive documentation, training, and dedicated support, but support plans are expensive. |
|
Infrastructure Deployment
|
Deployed on a highly secure environment utilizing Kubernetes clusters and an Istio service mesh to ensure all traffic flows through a secure tunnel. Includes robust backup and failover mechanisms for deployed cloud resources, along with a monitoring system that continuously tracks each cloud resource. Sends immediate notifications to the DevOps team in the event of an incident for rapid resolution, ensuring high application availability. |
Provides fully managed cloud-based deployment with built-in redundancy and failover support. |
|
Infrastructure Costs and Management
|
Manages all client instances through a K8s cluster environment allowing for ‘true' multi-tenant architecture that optimizes cost and facilitates efficient management of all the instances. |
Provides a simplified cost structure with managed cloud infrastructure. |
|
Nested Multi-Tenancy
|
Allows for multiple levels of sub-tenants within each tenant along with their own administration console |
Not available. |
|
Authenticate with existing Directory
|
Allows for authentication to the IAM platform using the organizations's existing directory service. |
Allows for sync of user identities from the organization's existing directory to the platform's cloud directory. However, authentication happens with the platform's cloud directory. |
|
Identity broker
|
Enables you to integrate with and leverage any existing identity provider in the organization. |
Enables you to integrate with and leverage any existing identity Provider in the organization. |
|
LDAP & AD Integration
|
Provides readily available connectors for AD and LDAP, and can be connected through Akku's wizard. |
Enables synchronization with AD and LDAP for centralized user management. |
|
SAML Authentication
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Supports SAML authentication for single sign-on across multiple applications. |
|
OpenID
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required |
Supports OpenID-based authentication for secure access. |
|
OAuth2
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Offers OAuth2 authentication with built-in security policies. |
|
SSO
|
Provides plug-and-play SSO with white-label options. |
Provides SSO, but white-label option is not available. |
|
Single Logout
|
Enables single logout functionality, ensuring that when a user logs out of Akku, all integrated applications are automatically logged out. |
Supports single logout for SAML and OpenID-based authentication. |
|
Desktop SSO
|
Allows users to log in from their Windows laptop or desktop and seamlessly access configured service provider applications without requiring additional authentication. |
Enables seamless desktop authentication without requiring user credentials. |
|
SSO with Credential Replay
|
Allows for SSO to legacy apps that do not support federated authentication using Credential Replay^ |
Available. |
|
Configurable SSO App Dashboard
|
Allows the user to configure their SSO dashboard to add, remove, display or hide the listed apps.^ |
Not available. |
|
Configurable / Auto App Arragement in Dashboard
|
Allows users to arrange apps in the SSO dashboard into folders, ordered by most frequently used, alphabetically or based on user preference. |
Not available. |
|
Preferred Browser SSO
|
Allows the administrator or user to select the preferred browser on which each SSO application launches, based on which browser each app works best on. |
Not available. |
|
Auto Launch SSO Apps
|
Allows the administrator or user to select apps that have to be launched with SSO automatically when the machine starts. This requires Desktop SSO to be implemented. |
Not available. |
|
MFA
|
Provides multi-factor authentication (MFA) and adaptive MFA (AMFA) with a range of factors including push notification, face/touch, Google Authenticator and OTP based authentication. |
Supports various MFA methods, including app-based authentication and hardware tokens. |
|
Password Policy
|
Enables comprehensive password policy management, including length, complexity, expiration, and prevention of reuse. |
Allows password complexity enforcement and expiration policies. |
|
Configurable Auto Account Unlock
|
Enables locked user accounts to be automatically unlocked within a specified duration |
Not available. |
|
Mobile Password Management
|
Allows users to manage their passwords using their mobile devices. |
Allows users to manage their passwords using their mobile devices. |
|
Locked Out User Password Reset & Account Unlock
|
Allows locked out users to unlock their accounts or reset their passwords. |
Not available. |
|
Password Sync
|
Allows synchronization of users' passwords from the directory to all their apps that require credential replay for SSO. |
Not available. |
|
Roaming User Password Management
|
Allows for the password in the machine cache to be updated upon change or reset of password from outside the directory domain network. |
Not available. |
|
IP-based Restriction
|
Enables allowing access to applications only from authorized IPs through a simple configuration process. |
Provides this functionality, but using the adaptive MFA feature instead of through a proper access manager. |
|
Location-based Restriction
|
Provides a facility to restrict access to users from a particular location. |
Provides this functionality, but using the adaptive MFA feature instead of through a proper access manager. |
|
Device-based Restriction
|
Provides a dedicated access manager that enables allowing access only from authorized devices, and also allows integration with third party applications. |
Offers device trust policies and security enforcement on registered devices. |
|
MDM
|
Enables authorization, blocking, and revocation of access on individual devices including enforcing passcodes and remote data wipe. |
Available. |
|
Provisioning / Deprovisioning of Applications
|
Provides application provisioning based on Akku's role-based access control (RBAC) as part of user onboarding, with single click deprovisioning across all applications. Provisioning is achieved through a dedicated provisioning engine with dedicated connectors to each target application. |
Provides limited provisioning functionality using JIT provisioning or SCIM provisioning using a third party - not a reliable or recommended approach to provisioning. |
|
Subscription & User Management of Third-party Apps
|
Provides this functionality, with SAML 2.0 integration already done with 100+ SaaS applications |
Enables centralized management of third-party applications and user subscriptions. |
|
Reports
|
Provides detailed audit logs for tracking all events related to access and session usage, enabling reports to be generated for specific time periods and for specific users and the applications they access. Also allows Build Your Own Reports at each tenant level. |
Provides real-time logging, analytics, and security alerts. Does not provide Build Your Own Reports functionality. |
|
SaaS Application Usage Analytics
|
Provides daily monitoring of user activity track effective usage. Provides usage statistics to the tenant administrator, enabling informed decisions on deprovisioning users who are not actively utilizing integrated applications, which directly relates to effective utilization and cost management of SaaS applications. |
Provides usage analytics, but there is no specific intelligence provided to allow administrators to monitor and optimize licenses based on usage of SaaS applications. |
| Feature | |
 |
|---|---|---|
|
Implementation Complexity
|
Employs microservices architecture for easy integration, customization and maintenance without business interruption. Provides a dedicated dashboard for Managed Services Providers (MSPs) to manage customers and their respective users, with user behavior analytics and metrics on authentication, authorization, and details on what applications are accessed by which user. Facilitates tenant and user creation with a step-by-step wizard requiring minimal to no training. Provides easily customizable mail notification templates. Offers cost-effective implementation plans. |
Comes with complex, expensive, and time-consuming implementation and a lock-in to Microsoft products and technologies, resulting in high TCO. |
|
Documentation
& Support
|
Ensures cost-effective 24x7 support and provides detailed documentation. |
Provides extensive documentation, training, and dedicated support, but support plans are expensive. |
|
Infrastructure Deployment
|
Deployed on a highly secure environment utilizing Kubernetes clusters and an Istio service mesh to ensure all traffic flows through a secure tunnel. Includes robust backup and failover mechanisms for deployed cloud resources, along with a monitoring system that continuously tracks each cloud resource. Sends immediate notifications to the DevOps team in the event of an incident for rapid resolution, ensuring high application availability. |
Provides cloud-based deployment integrated seamlessly with Azure services, but comes with a lock-in with Microsoft. |
|
Infrastructure Costs and Management
|
Manages all client instances through a K8s cluster environment allowing for ‘true' multi-tenant architecture that optimizes cost and facilitates efficient management of all the instances. |
Comes with a complex pricing structure involving multiple Microsoft products. |
|
Nested Multi-Tenancy
|
Allows for multiple levels of sub-tenants within each tenant along with their own administration console |
Provides multi-tenant identity management capabilities, but does not support nested multi-tenancy natively. |
|
Authenticate with existing Directory
|
Allows for authentication to the IAM platform using the organizations's existing directory service. |
Allows for authentication only with Microsoft AD and Azure AD. |
|
Identity broker
|
Enables you to integrate with and leverage any existing identity provider in the organization. |
Not available. |
|
LDAP & AD Integration
|
Provides readily available connectors for AD and LDAP, and can be connected through Akku's wizard. |
Supports only Microsoft AD and Azure AD. |
|
SAML Authentication
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Supports SAML authentication for single sign-on across multiple applications. |
|
OpenID
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required |
Supports OpenID-based authentication for secure access. |
|
OAuth2
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Offers OAuth2 authentication with built-in security policies. |
|
SSO
|
Provides plug-and-play SSO with white-label options. |
Provides SSO, but white-label option is not available. |
|
Single Logout
|
Enables single logout functionality, ensuring that when a user logs out of Akku, all integrated applications are automatically logged out. |
Supports single logout for SAML and OpenID Connect-based authentication. |
|
Desktop SSO
|
Allows users to log in from their Windows laptop or desktop and seamlessly access configured service provider applications without requiring additional authentication. |
Requires purchase and implementation of Microsoft AD and Azure AD. |
|
SSO with Credential Replay
|
Allows for SSO to legacy apps that do not support federated authentication using Credential Replay^ |
Available. |
|
Configurable SSO App Dashboard
|
Allows the user to configure their SSO dashboard to add, remove, display or hide the listed apps.^ |
Not available. |
|
Configurable / Auto App Arragement in Dashboard
|
Allows users to arrange apps in the SSO dashboard into folders, ordered by most frequently used, alphabetically or based on user preference. |
Not available. |
|
Preferred Browser SSO
|
Allows the administrator or user to select the preferred browser on which each SSO application launches, based on which browser each app works best on. |
Not available. |
|
Auto Launch SSO Apps
|
Allows the administrator or user to select apps that have to be launched with SSO automatically when the machine starts. This requires Desktop SSO to be implemented. |
Not available. |
|
MFA
|
Provides multi-factor authentication (MFA) and adaptive MFA (AMFA) with a range of factors including push notification, face/touch, Google Authenticator and OTP based authentication. |
Provides a robust MFA solution with conditional access policies, supporting app-based, SMS, and biometric authentication |
|
Password Policy
|
Enables comprehensive password policy management, including length, complexity, expiration, and prevention of reuse. |
Enables comprehensive password policy management, including length, complexity, expiration, and banned password lists. |
|
Configurable Auto Account Unlock
|
Enables locked user accounts to be automatically unlocked within a specified duration |
Provides configurable account lockout policies with auto-unlock settings to prevent brute-force attacks. |
|
Mobile Password Management
|
Allows users to manage their passwords using their mobile devices. |
Enables mobile password reset and self-service password management through the Microsoft Authenticator app. |
|
Locked Out User Password Reset & Account Unlock
|
Allows locked out users to unlock their accounts or reset their passwords. |
Provides self-service password reset with identity verification methods, allowing users to reset their passwords and unlock accounts. |
|
Password Sync
|
Allows synchronization of users' passwords from the directory to all their apps that require credential replay for SSO. |
Provides password synchronization between on-premises Active Directory and cloud applications through Azure AD Connect. |
|
Roaming User Password Management
|
Allows for the password in the machine cache to be updated upon change or reset of password from outside the directory domain network. |
Provides password writeback capabilities, allowing roaming users to sync their updated credentials across devices outside the corporate network. |
|
IP-based Restriction
|
Enables allowing access to applications only from authorized IPs through a simple configuration process. |
Provides this functionality through conditional access policies. |
|
Location-based Restriction
|
Provides a facility to restrict access to users from a particular location. |
Provides this functionality through conditional access policies. |
|
Device-based Restriction
|
Provides a dedicated access manager that enables allowing access only from authorized devices, and also allows integration with third party applications. |
Provides this functionality through conditional access policies. |
|
MDM
|
Enables authorization, blocking, and revocation of access on individual devices including enforcing passcodes and remote data wipe. |
Available. |
|
Provisioning / Deprovisioning of Applications
|
Provides application provisioning based on Akku's role-based access control (RBAC) as part of user onboarding, with single click deprovisioning across all applications. Provisioning is achieved through a dedicated provisioning engine with dedicated connectors to each target application. |
Provides extensive and in-depth provisioning and deprovisioning features, but is highly dependent on Microsoft AD or Azure AD and other Microsoft products. |
|
Subscription & User Management of Third-party Apps
|
Provides this functionality, with SAML 2.0 integration already done with 100+ SaaS applications |
Provides subscription and user management features for integrated applications. |
|
Reports
|
Provides detailed audit logs for tracking all events related to access and session usage, enabling reports to be generated for specific time periods and for specific users and the applications they access. Also allows Build Your Own Reports at each tenant level. |
Provides advanced security monitoring and reporting with built-in compliance tracking, but requires purchase of other Microsoft products for proper reporting. |
|
SaaS Application Usage Analytics
|
Provides daily monitoring of user activity track effective usage. Provides usage statistics to the tenant administrator, enabling informed decisions on deprovisioning users who are not actively utilizing integrated applications, which directly relates to effective utilization and cost management of SaaS applications. |
Requires the purchase of other Microsoft products. |
| Feature | |
 |
|---|---|---|
|
Implementation Complexity
|
Employs microservices architecture for easy integration, customization and maintenance without business interruption. Provides a dedicated dashboard for Managed Services Providers (MSPs) to manage customers and their respective users, with user behavior analytics and metrics on authentication, authorization, and details on what applications are accessed by which user. Facilitates tenant and user creation with a step-by-step wizard requiring minimal to no training. Provides easily customizable mail notification templates. Offers cost-effective implementation plans. |
Comes with complex, expensive, and time-consuming implementation, resulting in high TCO. |
|
Documentation
& Support
|
Ensures cost-effective 24x7 support and provides detailed documentation. |
Provides extensive documentation, training, and dedicated support, but support plans are expensive. |
|
Infrastructure Deployment
|
Deployed on a highly secure environment utilizing Kubernetes clusters and an Istio service mesh to ensure all traffic flows through a secure tunnel. Includes robust backup and failover mechanisms for deployed cloud resources, along with a monitoring system that continuously tracks each cloud resource. Sends immediate notifications to the DevOps team in the event of an incident for rapid resolution, ensuring high application availability. |
Offers both cloud-based and on-premises identity security solutions. |
|
Infrastructure Costs and Management
|
Manages all client instances through a K8s cluster environment allowing for ‘true' multi-tenant architecture that optimizes cost and facilitates efficient management of all the instances. |
Comes with expensive subscription and purchase models. |
|
Nested Multi-Tenancy
|
Allows for multiple levels of sub-tenants within each tenant along with their own administration console |
Not available. |
|
Authenticate with existing Directory
|
Allows for authentication to the IAM platform using the organizations's existing directory service. |
Available for ULM and Identity Governance. |
|
Identity broker
|
Enables you to integrate with and leverage any existing identity provider in the organization. |
SSO is not available. |
|
LDAP & AD Integration
|
Provides readily available connectors for AD and LDAP, and can be connected through Akku's wizard. |
Provides built-in support for LDAP and Active Directory integration. |
|
SAML Authentication
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Not applicable - SailPoint is used for IGA and not Access Management. |
|
OpenID
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required |
Not applicable - SailPoint is used for IGA and not Access Management. |
|
OAuth2
|
Provides a customized UX to facilitate easy configuration with no specific domain expertise required. |
Not applicable - SailPoint is used for IGA and not Access Management. |
|
SSO
|
Provides plug-and-play SSO with white-label options. |
Does not provide SSO. Integrates with SSO solutions to enforce identity governance and access management. |
|
Single Logout
|
Enables single logout functionality, ensuring that when a user logs out of Akku, all integrated applications are automatically logged out. |
Not applicable - SailPoint is used for IGA and not Access Management. |
|
Desktop SSO
|
Allows users to log in from their Windows laptop or desktop and seamlessly access configured service provider applications without requiring additional authentication. |
Not applicable - SailPoint is used for IGA and not Access Management. |
|
SSO with Credential Replay
|
Allows for SSO to legacy apps that do not support federated authentication using Credential Replay^ |
SSO is not available. |
|
Configurable SSO App Dashboard
|
Allows the user to configure their SSO dashboard to add, remove, display or hide the listed apps.^ |
SSO is not available. |
|
Configurable / Auto App Arragement in Dashboard
|
Allows users to arrange apps in the SSO dashboard into folders, ordered by most frequently used, alphabetically or based on user preference. |
SSO is not available. |
|
Preferred Browser SSO
|
Allows the administrator or user to select the preferred browser on which each SSO application launches, based on which browser each app works best on. |
SSO is not available. |
|
Auto Launch SSO Apps
|
Allows the administrator or user to select apps that have to be launched with SSO automatically when the machine starts. This requires Desktop SSO to be implemented. |
SSO is not available. |
|
MFA
|
Provides multi-factor authentication (MFA) and adaptive MFA (AMFA) with a range of factors including push notification, face/touch, Google Authenticator and OTP based authentication. |
Not applicable - SailPoint is used for IGA and not Access Management. |
|
Password Policy
|
Enables comprehensive password policy management, including length, complexity, expiration, and prevention of reuse. |
Provides advanced password management and policy enforcement as part of its identity governance framework. |
|
Configurable Auto Account Unlock
|
Enables locked user accounts to be automatically unlocked within a specified duration |
Enables policy-driven account lockout and unlock workflows, integrating with enterprise IAM solutions. |
|
Mobile Password Management
|
Allows users to manage their passwords using their mobile devices. |
Offers mobile-friendly self-service password management as part of its identity governance platform. |
|
Locked Out User Password Reset & Account Unlock
|
Allows locked out users to unlock their accounts or reset their passwords. |
Not available. |
|
Password Sync
|
Allows synchronization of users' passwords from the directory to all their apps that require credential replay for SSO. |
Offers password synchronization across enterprise applications as part of its identity governance framework. |
|
Roaming User Password Management
|
Allows for the password in the machine cache to be updated upon change or reset of password from outside the directory domain network. |
Not available. |
|
IP-based Restriction
|
Enables allowing access to applications only from authorized IPs through a simple configuration process. |
Provides this functionality through conditional access policies. |
|
Location-based Restriction
|
Provides a facility to restrict access to users from a particular location. |
Not applicable - SailPoint is used for IGA and not Access Management. |
|
Device-based Restriction
|
Provides a dedicated access manager that enables allowing access only from authorized devices, and also allows integration with third party applications. |
Not applicable - SailPoint is used for IGA and not Access Management. |
|
MDM
|
Enables authorization, blocking, and revocation of access on individual devices including enforcing passcodes and remote data wipe. |
Not Available. |
|
Provisioning / Deprovisioning of Applications
|
Provides application provisioning based on Akku's role-based access control (RBAC) as part of user onboarding, with single click deprovisioning across all applications. Provisioning is achieved through a dedicated provisioning engine with dedicated connectors to each target application. |
Provides extensive and in-depth provisioning and deprovisioning features. |
|
Subscription & User Management of Third-party Apps
|
Provides this functionality, with SAML 2.0 integration already done with 100+ SaaS applications |
Provides extensive user lifecycle management functionaltiies. |
|
Reports
|
Provides detailed audit logs for tracking all events related to access and session usage, enabling reports to be generated for specific time periods and for specific users and the applications they access. Also allows Build Your Own Reports at each tenant level. |
Provides in-depth identity analytics and reporting, allowing organizations to create detailed audit reports on user access and governance. |
|
SaaS Application Usage Analytics
|
Provides daily monitoring of user activity track effective usage. Provides usage statistics to the tenant administrator, enabling informed decisions on deprovisioning users who are not actively utilizing integrated applications, which directly relates to effective utilization and cost management of SaaS applications. |
Offers deep visibility into SaaS application usage, tracking user activity to help organizations optimize license management. |
See what makes our product unique - Schedule a demo and dive in.
