Magic Quadrant for Access Management
Gartner defines access management (AM) as platforms that include an identity provider (IdP) and establish, manage and enforce runtime access controls to at least cloud, modern standards-based web and classic web applications. AM's purpose is to enable single sign-on (SSO) access for people (workforce, consumer and other users) and machines into protected applications in a streamlined and consistent way that enhances user experience. AM is also responsible for providing security controls to protect the user session in runtime, enforcing authentication (with multifactor authentication [MFA]) and authorization using adaptive access. Lastly, AM can provide identity context for other cybersecurity tools to enable identity-first security.
Vendors must, among other requirements:
A: This research evaluates 11 vendors in the Access Management market based on their Ability to Execute and Completeness of Vision. It covers AM platforms that include an identity provider (IdP) and establish, manage and enforce runtime access controls for cloud, modern standards-based web and classic web applications. The research focuses on both workforce (B2E) and CIAM (B2B, B2C, G2C) use cases, with increased emphasis on CIAM capabilities including B2B features, threat detection and response (ITDR), passkeys support, and B2B delegated administration capabilities.
A: This research should be used by security and risk management leaders, IAM professionals, and IT decision-makers who are evaluating or selecting access management solutions for their organizations. It is particularly valuable for organizations that need both workforce and CIAM capabilities, those looking to improve their security posture against identity-based attacks, organizations implementing B2B customer relationships, and those seeking to modernize their authentication approaches with passkeys and identity verification. The interactive features allow users to create custom views aligned with their specific priorities and requirements.
A: Mandatory features for vendors included in this market are: (1) A directory or identity repository for workforce or external users, including identity synchronization services; (2) Identity administration for integrated applications, with basic life cycle management and profile management capabilities, with support for SCIM; (3) SSO and session management with support for standard identity protocols (OpenID Connect, SAML) and APIs for accessing standards-based and legacy apps (via proxies or agents); (4) User authentication (including commodity MFA); (5) Authorization enforcement (including support for modern authorization protocols, including OAuth 2.0). Additionally, all core capabilities must be delivered as a SaaS product.
A:
A: Ability to Execute evaluates vendors on the quality and efficacy of processes, systems, methods or procedures that enable IT vendors to be competitive, efficient and effective, and that positively affect revenue, retention and reputation. It focuses on current execution including product capabilities, viability, sales, market responsiveness, marketing execution, customer experience, and operations. Completeness of Vision evaluates vendors on their understanding of buyer wants and needs, and how well they anticipate, understand and respond with innovation in their product offerings to meet those needs. It focuses on vision and strategy including market understanding, marketing strategy, sales strategy, product strategy, business model, vertical strategy, innovation, and geographic strategy.