← Back to sales hub

Simple, identity-based pricing

No per-connector fees. No surprise implementation costs. Working POC in a day — no commitment required.

✓ No professional services for setup ✓ EU-hosted control plane ✓ Cancel anytime
IVIP Visibility
3,000 /mo
Read-only governance · any scale
Start free POC
  • Unlimited identities (visibility scale)
  • All connectors in read-only mode
  • 14-component identity risk score
  • Cross-system SoD detection
  • Dormant grant detector
  • Peer-group outlier detector
  • Reconciliation (SOL vs IST)
  • NHI 4-tier discovery
  • Daily risk-trend snapshots
  • Platform Advisor
  • Tier-3 agent included
  • Provisioning / write-back
  • Approval workflows + JML
Starter
5,000 /mo
Up to 1,000 identities
Start free POC
  • Up to 5 connectors (read + write)
  • Everything in IVIP Visibility
  • HR sync (HRMS, CSV) + provisioning
  • AD + Entra + LDAP
  • Access certifications
  • JML automation
  • Role mining (standard)
  • Tier-3 agent included
  • EN + NL + FR + DE
  • Audit log + CSV export
  • NHI ownership flows + JIT
  • Audit packs (SOX/ISO/HIPAA/GDPR)
  • Sector packs
Most popular
Growth
15,000 /mo
Up to 5,000 identities
Start free POC
  • Up to 20 connectors (read + write)
  • Everything in Starter
  • NHI 4-tier governance + JIT
  • Audit packs (SOX / ISO / HIPAA / GDPR)
  • Toxic combinations + SoD
  • Blast-radius graph (4-level)
  • Role mining (8 algorithms + dedup)
  • Smart certifications (event-triggered)
  • Engine pause kill-switch
  • Reconciliation snapshots + reasons
  • Sector pack add-ons eligible
  • Multi-tenant (up to 3 tenants)
  • Dedicated tenant + custom roles
Enterprise
40,000+/mo
Unlimited identities
Talk to sales
  • Unlimited connectors
  • Everything in Growth
  • Dedicated tenant
  • Custom roles + tenant roles
  • Script library + templates
  • 38 IdentityPROCESS templates
  • SLA (99.9% uptime)
  • Dedicated customer success
  • On-prem Kubernetes deployment
  • All sector packs included
  • Unlimited tenants
  • Priority support + SLA

Prices in EUR, excl. VAT. Annual commitment available at 15% discount. Identity count = humans + non-human identities combined.

Sector packs & add-ons

Industry-specific compliance baselines, pre-baked policies, and certification templates.

🏦

Financial Services Pack

DORA-aligned certification templates, PSD2 SoD rules, four-eyes principle enforcement for high-risk entitlements, MiFID II audit trail configuration.

€10,000 one-time · Growth plan or above
🏥

Healthcare Pack

NIS2 critical infrastructure policies, EPD/EHR access governance templates, patient-data entitlement classification, HIPAA/AVG-aligned access reviews.

€10,000 one-time · Growth plan or above
🏛️

Public Sector Pack

BIO/BIR baseline controls, DigiD integration templates, separation-of-duties for government role models, BSN handling compliance patterns.

€10,000 one-time · Growth plan or above
🤖

EU AI Act Pack

Governance templates for AI agent identities, human oversight entitlement patterns, AI system access certification aligned with EU AI Act risk tiers.

€10,000 one-time · Enterprise plan

Implementation options

Most customers are live in under 2 weeks. We don't do 6-month onboarding projects.

Self-service POC

Sales engineer on a call. Tier-3 agent installed with one command. First connector live in 30 minutes. Suitable for technical evaluations.

Free · Included with any plan

Guided onboarding

2-week engagement: connector setup, initial role mining run, first certification campaign, team training. Fixed scope, fixed price.

From €30,000

Enterprise deployment

Full environment migration, custom connector development, sector pack configuration, change management. Includes on-prem Kubernetes if required.

From €80,000 (T&M or fixed)

3-year total cost of ownership

RapidValue vs. classic enterprise IGA (mid-market baseline: 2,500 identities, 25 systems).

Cost component Classic enterprise IGA RapidValue Growth Saving
License (3-year) €900,000 €540,000 €360k
Implementation services €600,000 €60,000 €540k
Custom connector development €200,000 €75,000 €125k
IAM team FTE (ops, 3yr) €720,000 €360,000 €360k
Audit prep + cert campaigns (3yr) €162,000 €32,400 €130k
Manual provisioning (3yr) €180,000 €22,500 €158k
3-year TCO €2,762,000 €1,090,000 €1.67M saved
Payback period N/A Month 11

Figures based on internal pilots + independent integrator research (Q1 2026). Your numbers depend on environment complexity — request a custom ROI analysis.

Frequently asked questions

What counts as an "identity"?
Any identity under active governance: human employees, contractors, external partners, and non-human identities (service accounts, AI agents, bots, IoT devices). Suspended or archived identities don't count toward your plan limit.
Do I need professional services to get started?
No. The tier-3 agent installs with a single bash command. The connector wizard is self-service with live discovery and pre-filled mapping suggestions. Most customers are running their first sync within 30 minutes of starting. Professional services are available for complex migrations, but not required.
Does my identity data leave my infrastructure?
It depends on your deployment mode. In the default tier-3 hybrid deployment, a lightweight agent runs inside your VPC and handles all connector execution there — identity attributes, account data, and entitlement details stay on your infrastructure. The control plane receives task coordination and aggregate metrics, not raw identity records.

In SaaS connector mode (in-process), connectors execute in our EU-hosted control plane, which means identity data is processed there. A data processing agreement (DPA) is required for that mode, which we provide as standard. For organisations that need full data residency, tier-3 agent mode is the right choice.
We use a system that isn't in your connector list. Can you still connect it?
Yes. The connector wizard supports custom SCIM, REST, and LDAP endpoints alongside the 8 built-in connectors. The wizard's live discovery returns a mapping suggestion from whatever the target exposes — typically 75% pre-filled. Custom connector development is available as part of the Enterprise plan or as a standalone service.
What's the difference between Starter and Growth on certifications?
Starter includes classic campaign-based certifications (scheduled, manager-reviews-team). Growth adds smart certifications: event-triggered reviews (e.g., "this identity hasn't used this entitlement in 90 days") and policy-driven continuous certifications. Growth also includes reconciliation snapshots with per-grant reasons — the difference between a count and an audit trail.
Can we run the platform on-premises instead of using the SaaS control plane?
Yes, on the Enterprise plan. Full Kubernetes deployment on your own infrastructure, including the control plane. This is typically chosen by organisations with strict data residency requirements beyond what the tier-3 hybrid model covers (e.g., air-gapped environments or highly regulated government deployments).
How does pricing work if we grow beyond our plan's identity limit?
You'll receive a notification when you approach your limit (at 80% and 95%). We'll work with you to move to the next tier or configure an overage arrangement — no automatic surcharges without agreement. Annual commitments include a buffer zone for seasonal spikes.
Is there a free trial?
We offer a guided 30-day POC instead of a free trial. A sales engineer runs the initial setup with you, you get a working environment with your own data, and you leave with a take-home report for your CISO. This is more useful than a sandbox trial because you're evaluating against your real environment, not demo data.

Ready to see it with your data?

Working POC in a day. No commitment.

Start your POC Read FAQ