Identity-based vendors vs true Entitlement Management solutions

Some vendors believe an identity-based approach is best, but we disagree. It's highly restrictive and rooted in the vendor's background, having built identity systems first and then layered on some licensing capabilities.

It's far better to have a flexible entitlement and licensing-based system designed to support any form of deployment rather than to fix on a user-name-based approach—why compromise?

Why You Should Not Get Locked into an Identity-Only Based Licensing Solution

Sometimes, companies ask us about the difference between identity and entitlement management. While they have similarities in terms of providing access, they're fundamentally different systems. With an identity system, you're restricted to an identity-based approach (email address, username, password, etc.), which creates a one-size-fits-all model. This might work fine if you only need to manage identities with a lightweight set of attributes.

However, if you want to truly understand what rights you've sold at the company level and allow individuals, desktops, servers, devices, and other entities to access those entitlements, then entitlement management is what you need. Unlike identity-based systems that narrowly focus on authentication (who users are), entitlement management focuses on what rights users inherit from their association with an entity that has purchased various licenses.

Identity-based systems are particularly restrictive for desktop, server, or cloud-based deployments running in virtualized environments. Since you're only tying use to an identity, you can't distinguish between VMs or handle cloning effectively. Our entitlement platform, however, gives you direct management power over these scenarios.

Additionally, identity-based systems struggle with offline environments. If you have customers working in disconnected or air-gapped environments (what we call "dark sites"), leveraging a pure identity-based system becomes challenging. We integrate with IDPs, Okta, Auth0, etc., allowing you to support these flows within our standard entitlement management system, including offline use cases.

The channel presents another challenge. When working with channel partners who maintain an inventory of entitlements and licenses to sell, they can't effectively use a pure identity-based system because they don't yet know who'll buy the products. Entitlement management allows them to manage licenses without knowing the end users' identities.

Entitlement management provides flexibility even within a pure SaaS environment. It enables identity and license key/device-based activation, handles virtualization and offline scenarios, and offers superior channel partner support.