Can Apporetum replace Microsoft Identity Manager (MIM) and Forefront Identity Manager (FIM)?

Yes. Apporetum is designed as a modern, cloud-native replacement for MIM and FIM. It covers identity correlation, deterministic lifecycle management, multi-HR data flows, secondary accounts, and Entra ID provisioning without the legacy on-premises infrastructure.

Can Apporetum run alongside MIM during migration?

Yes. Apporetum can be deployed alongside MIM in 'Insight mode'. It observes and reports on your existing MIM-driven lifecycles without touching them, giving you confidence in what MIM does today before Apporetum takes over deterministic ownership.

How does Apporetum solve account correlation when moving off MIM?

Apporetum correlates accounts from on-premises Active Directory, multiple Entra tenants, LDAP, HR systems, and ITSM into a unified workforce-person record, recreating the MIM 'source of truth' as a cloud-native data model.

What about MIM's customisations and PowerShell workflows?

Apporetum replaces hand-written PowerShell and MIM rules-extensions with declarative, deterministic state machines for accounts and identities. Where you still need bespoke logic, Apporetum exposes events and APIs so code-light extensions are possible without owning legacy MIM infrastructure.

How does the licensing compare with MIM and Entra ID Governance?

MIM is bundled with certain Microsoft licences but requires significant on-premises infrastructure and engineering. Apporetum uses a fixed monthly subscription with no per-user fees and leverages your existing Entra ID (Free, P1 or P2): typically cheaper at scale than Entra ID Governance and considerably cheaper to operate than MIM.

Is MIM still supported by Microsoft?

Microsoft has signalled the end of mainstream investment in MIM/FIM and is steering customers to Entra ID Governance. Apporetum extends Entra ID with the MIM-class identity governance capabilities organisations relied on, without forcing a per-seat Entra ID Governance licence.

How long does a typical MIM-to-Apporetum migration take?

Most customers start with Insight mode in weeks, then move workloads (Joiner, Mover, Leaver, secondary accounts) into Apporetum incrementally over a quarter or two, avoiding the multi-year MIM 'big bang' migrations.

Replace Microsoft Identity Manager (MIM/FIM) with Apporetum

Migrate from MIM and FIM to a cloud-native, deterministic IAM platform on Microsoft Entra. Flat-fee, no per-user licensing.

Microsoft's direction

Is Microsoft Identity Manager (MIM) still supported?

Yes, but with mainstream support already wound down and extended support set to end in January 2029. Microsoft has formally signalled the end of investment in MIM and FIM and is steering customers to Microsoft Entra ID Governance for cloud-first scenarios. There are no further feature releases planned for MIM; only security and bug fixes during the extended support window. Customers running MIM today should be planning their replacement now, not in 2028.

Apporetum extends Microsoft Entra ID with the MIM-class identity governance capabilities organisations relied on (deterministic joiner-mover-leaver, identity correlation, secondary admin accounts, multi-HR data flows) without forcing a per-seat Entra ID Governance licence and without the on-premises infrastructure burden.

Read: MIM end-of-life, what we know in 2026

Key dates

Mainstream support: ended for MIM 2016
Extended support: ends January 2029
Microsoft direction: Entra ID Governance for new cloud workloads
Apporetum option: deploy alongside MIM in Insight mode in weeks

Migration timeline

From MIM to Apporetum on Entra ID in three phases

Insight mode → Coexistence → Cutover

Apporetum supports a phased migration off MIM/FIM that avoids the multi-year "big bang" rebuilds typical of legacy identity replacements. Most customers complete the journey in one to two quarters per workload.

Phase 1: Insight mode

Weeks 0–4

Apporetum is deployed read-only from Azure Marketplace into your tenant. It observes MIM-driven lifecycles, correlates identities across HR, AD, Entra and ITSM, and reports on the current state. MIM remains the deterministic owner; nothing in production changes.

Phase 2: Coexistence

Weeks 4–12

Apporetum takes deterministic ownership of selected workloads (typically joiners, secondary accounts and Entra-only apps) while MIM continues to govern the rest. Identity state models run in parallel; cutbacks are reversible per workload.

Phase 3: Cutover

Weeks 12+

Apporetum becomes the source of record for all in-scope identities and accounts. MIM is decommissioned, on-premises FIM infrastructure is retired, and audit evidence consolidates into Apporetum's membership timelines.

Challenge

Overcome The Challenge Of Migrating Off Microsoft Identity Manager

Migrating from Microsoft Identity Manager (MIM) to a cloud solution presents several pain points, particularly in the realm of identity governance. organisations often struggle with the complexity of maintaining identity synchronization, managing lifecycle events and account correlation without a centralised source of record which MIM provided.

A significant challenge is the loss of account correlation capability, which provides a unified view of user identities across multiple systems. Without a reliable source of record for identity management, cloud solutions can result in fragmented identity data. This fragmentation complicates the enforcement of consistent policies and compliance, potentially increasing security risks and operational inefficiencies. Therefore, a robust identity governance platform is crucial during the transition to the cloud.

Key Challenges To Solve:

Unified Lifecycle Events

Streamline identity management across your organisation with a unified approach to lifecycle events, ensuring seamless onboarding, transitions, and offboarding processes.

Identity Correlation

Connect and reconcile accounts across multiple systems, creating a single source of truth for identity information and access rights.

Current State Analysis

Uncover and document accumulated changes in business policies and technology within legacy systems. This critical step ensures all modifications are understood and accounted for in your migration planning.

Migration Strategy

Develop a comprehensive plan to transition from on-premises identity management to cloud-based solutions, minimizing disruption and maximising efficiency.

Secondary Accounts

Manage and secure additional user accounts effectively, maintaining compliance and reducing security risks associated with multiple accounts for a single identity.

Licensing Implications

Understand and optimize your licensing requirements as you transition to new identity management solutions, balancing costs with capabilities.

Business Alignment

Implement Identity Governance in Microsoft Entra ID

Apporetum Identity and Access Management Platform

Effective Identity Governance integrates seamlessly with your organisation's core systems, synchronizing HR data and managing the full employee lifecycle. It adapts to various factors like engagement types and business roles. Apporetum's unified platform offers essential identity governance features, balancing cost-efficiency, user-friendliness, and comprehensive functionality. Our approach extends beyond IT, addressing your entire organisation's identity management needs holistically, from security to broader business requirements.

Explore Identity Governance

Solution

How Apporetum Empowers Your Cloud Migration of MIM

Migration from on-premises Microsoft Identity Manager (MIM) and an Active Directory mastered environment requires careful analysis to ensure business continuity. Apporetum is built to accommodate these needs with its insight platform, which helps you analyse and document your current state. When you're ready, Apporetum provides the necessary identity and access management capabilities to master your identities and accounts from the cloud while maintaining continuity with your on-premises dependencies. By leveraging Microsoft Entra ID and Entra Admin capabilities, Apporetum supports a seamless identity governance transition. This includes robust identity access management features that ensure secure and efficient ID governance, making your cloud migration smooth and effective.

Data Discovery Engine

Provides full visibility into user access data, allowing for thorough analysis and proactive monitoring of user activities. It automates the identification of managed, unmanaged, and shadow IT apps.

Unified Identity Correlation

Understand what accounts your employees own, ensure their data is consistent and report unsanctioned accounts or access

Automated & Manual Access Review

Automates the access review process, from creating certifications to updating review statuses, ensuring efficiency and accuracy. Document access reviews and their status for auditing and remediation purposes.

Versatile Integrations

Identity systems are core to your security. We prioritise seamless integrations for effectiveness. Our event-driven platform lets you monitor and respond to virtually all significant system activities.

Deterministic Lifecycle Management

Automates the removal of access after a set period of time and enforce the renewal process to keep access for extended periods of time.

Cost Effective Licenses

Apporetum priorities the cost effectiveness of the IGA offering as we know that Identity & Access Management software built by big brand names does not scale for big or small enterprise.