How to Buy EmpowerID’s Industry Leading Software
EmpowerID believes in being transparent around what we do, how we can help you (and we’ll even advise if we can’t), and what your best options are.
EmpowerID is providing flexible and mature IAM capabilities in the cloud, on-premise and in hybrid environments.
From our own point of view, we won’t ever make a major decision without evaluating all aspects of what’s required and, as such, we don’t expect you to either.
We list all our SaaS licensing and pricing models, below. If you have any questions, feel free to contact us and we’ll do our best to answer all your questions.
For information regarding our on-premise licensing model and pricing, please contact our sales team.
Contact SalesModules - Per Managed Object Licensing
Advanced Lifecycle Management
Includes HR-driven lifecycle and the ability to develop custom connectors. Licensed per non-deleted Person "identity object" - can be non-human identities.
Azure License Manager
Policy-based management and reporting of Azure licenses. Licensed per non-deleted Person receiving an Azure license (includes self-service capability).
Modules - Per Managed System
SAP Advanced Risk Management
Inventory and risk analysis of SAP ABAP TCODES, Auth Objects, Field Values, and import of SAP GRC Functions and Risk Policies. Licensed per inventoried SAP ABAP systems with this feature enabled.
Computer Identity Management
Management of Windows Server or Linux server local users and groups, password reset and rotation, service identity management. Licensed per inventoried and managed computer (Linux and Windows OS).
Modules - Per Named Person Licensing
Self-Service (IAM Shop / My Tasks / ServiceNow / API)
Access self-service and task approvals.
Groups
Group self-service and admin.
Entra ID Roles
Management of roles within Entra ID.
Applications (Rights and Roles) - Zscaler, Entra ID, Cisco ISE, etc
Management of application rights and roles including Zscaler, Entra ID, Cisco ISE, and more.
Recertification
Audit and recertification of access rights and roles.
Risk Approval/Mitigation
Manage risk approval and mitigation strategies for access requests and role assignments.
SharePoint Online
Manage SharePoint Online sites, groups, and permissions.
Exchange Online
Manage Exchange Online mailboxes, distribution groups, and permissions.
Azure Licenses
Self-service management of Azure licenses for users.
Shared Folders
Manage shared folder permissions and access.
Vaulted Credentials (PAM)
Secure storage and management of privileged credentials.
Computers (PAM)
PSM and Local Admin membership - requires Computer Identity Management license per computer.
Other Per Named Person Licensing Modules
Password Self-Service Reset
End-user forgotten password reset and change password. Includes ability to use MFA for forgotten password reset.
Single Sign-On and MFA
Federated SSO to Service Provider applications. IdP federation does not require this license.
Policy Decision Point (PDP) PBAC
External authorization engine based on RBAC/ABAC/PBAC to act as a Policy Decision Point (PDP). Includes OPA support. Licensed per authorizing Person object.
Delegated Admin Modules (Includes Self-Service):
Per Named Person Licensing
Per Named Person Licensing
User Manager
Delegated user account administration and password management (any system) - licensed per # of named users performing delegated administration activities.
Group Manager
Delegated group administration and Dynamic Group (hierarchies) policy management (any system) - licensed per # of named users performing delegated administration activities.
Application Manager
Delegated administration and onboarding of Entra ID and non-Entra applications - licensed per # of named Application owners and other users performing delegated administration activities.
Entra ID Role Manager
Delegated Entra ID RBAC and Directory role management - licensed per # of named users performing delegated administration activities.
SharePoint Online Manager
Delegated SharePoint Online web and group administration - licensed per # of named users performing delegated administration activities.
File Share Manager
Delegated shared folder (Windows only) permissions management - licensed per # of named users performing delegated administration activities.
Rental Per Use License
Role Mining
Analytical Role Discovery and Optimization. Licensed per non-deleted Person identity object.
Consolidated List of Modules
Below is a consolidated list of the above modules:
| Module | Description |
|---|---|
| Advanced Lifecycle Management | Includes HR-driven lifecycle and the ability to develop custom connectors. Licensed per non-deleted Person "identity object". |
| Azure License Manager | Policy-based management and reporting of Azure licenses. Licensed per non-deleted Person receiving an Azure license. |
| SAP Advanced Risk Management | Inventory and risk analysis of SAP ABAP TCODES, Auth Objects, Field Values, and import of SAP GRC Functions and Risk Policies. |
| Computer Identity Management | Management of Windows Server or Linux server local users and groups, password reset and rotation, service identity management. |
| Groups | Group self-service and admin. |
| Entra ID Roles | Management of roles within Entra ID. |
| Applications (Rights and Roles) - Zscaler, Entra ID, Cisco ISE, etc | Management of application rights and roles including Zscaler, Entra ID, Cisco ISE, and more. |
| Recertification | Audit and recertification of access rights and roles. |
| Risk Approval/Mitigation | Manage risk approval and mitigation strategies for access requests and role assignments. |
| SharePoint Online | Manage SharePoint Online sites, groups, and permissions. |
| Exchange Online | Manage Exchange Online mailboxes, distribution groups, and permissions. |
| Azure Licenses | Self-service management of Azure licenses for users. |
| Shared Folders | Manage shared folder permissions and access. |
| Vaulted Credentials (PAM) | Secure storage and management of privileged credentials. |
| Computers (PAM) | PSM and Local Admin membership - requires Computer Identity Management license per computer. |
| Password Self-Service Reset | End-user forgotten password reset and change password. Includes ability to use MFA for forgotten password reset. |
| Single Sign-On and MFA | Federated SSO to Service Provider applications. IdP federation does not require this license. |
| Policy Decision Point (PDP) PBAC | External authorization engine based on RBAC/ABAC/PBAC to act as a Policy Decision Point (PDP). Includes OPA support. |
| User Manager | Delegated user account administration and password management (any system). |
| Group Manager | Delegated group administration and Dynamic Group (hierarchies) policy management (any system). |
| Application Manager | Delegated administration and onboarding of Entra ID and non-Entra applications. |
| Entra ID Role Manager | Delegated Entra ID RBAC and Directory role management. |
| SharePoint Online Manager | Delegated SharePoint Online web and group administration. |
| File Share Manager | Delegated shared folder (Windows only) permissions management. |
| Role Mining | Analytical Role Discovery and Optimization. Licensed per non-deleted Person identity object. |
Next Steps
We do realize that there’s a lot to get through and absorb here. However, that’s what we’re here for. If you have any questions or queries about the services or software that we provide then please get in touch.
We’re happy to answer each and every question that you have and look forward to hearing, and being of service, to you.