SailPoint - Earnings Call - Q1 2026

Executive Summary

• Q1 FY2026 delivered double-digit growth with total revenue of $230.0M (+23% YoY) and ARR of $925M (+30% YoY); adjusted operating income was $24M (10% margin).
• Results beat Wall Street on both revenue and EPS; adjusted EPS of $0.01 vs consensus loss, with the stock up ~12% pre-market on the print and raised FY outlook.
• FY2026 guidance raised across revenue ($1.034–$1.044B from $1.025–$1.035B) and adjusted EPS ($0.16–$0.20 from $0.14–$0.18); Q2 revenue guided to $242–$244M and adjusted EPS $0.04–$0.05.
• Narrative continues to coalesce around AI-driven identity security (machine identities, AI agents), enterprise expansion, and strong SaaS momentum, with broadened go-to-market via partners and new regional capacity (e.g., Brazil).

What Went Well and What Went Wrong

What Went Well

• Subscription engine accelerating: subscription revenue reached $215M (+27% YoY), driving total revenue growth of +23% YoY.
• Strategic progress with enterprise customers: customers >$1M ARR grew 62% YoY; management emphasized “identity becomes the hub of modern digital security strategy” and leadership in AI/data-driven platform extensibility.
• Guidance was raised: FY2026 revenue, ARR, and adjusted EPS all increased vs prior guide, reinforcing momentum and execution confidence.

What Went Wrong

• GAAP profitability contracted: GAAP operating loss widened to $(185)M (−80% margin) vs $(68)M (−36%) in Q1 FY2025.
• Operating cash flow usage: cash used in operating activities was $(97)M, including $37M interest and $88M for IPO-related items (equity award payouts, monitoring fees), impacting near-term cash profile.
• Gross margin compression on a GAAP basis vs recent quarter; non-GAAP margins healthy but depend on adjustments (note widening GAAP net loss).

Transcript

Operator (participant)

Good day, and thank you for standing by. Welcome to SailPoint's first quarter 2026 earnings conference call. At this time, all participants are on a listen-only mode. After the speaker's presentation, there'll be a question-and-answer session. To ask a question during the session, you'll need to press star 11 on your telephone. You will then hear an automated message advising your hand is raised. To withdraw your question, please press star 11 again. Please be advised today's conference is being recorded. I would now like to hand this conference over to your speaker today, Scott Schmitz. Please go ahead.

Scott Schmitz (Senior VP of Investor Relations)

Good morning, and thank you for joining us today to discuss SailPoint's fiscal first quarter 2026 financial results. Joining me today are SailPoint's founder and CEO, Mark McClain, and our Chief Financial Officer, Brian Carolan. For the Q&A portion of today's call, we will also be joined by our President, Matt Mills. Please note that today's call will include forward-looking statements, and because these statements are based on the company's current intent, expectations, and projections, they are not guarantees of future performance, and a variety of factors could cause actual results to differ materially. This call will also include references to non-GAAP results, which exclude certain items that do not reflect our underlying business performance. Please reference this morning's press release in the investor section of sailpoint.com for further information regarding forward-looking statements and reconciliations of GAAP to non-GAAP financial measures.

With that, I'd like to turn the call over to Mark.

Mark McClain (Founder and CEO)

Thank you, Scott. Good morning, everyone, and thank you for joining us today. We're thrilled to share our fiscal Q1 2026 results. We closed the quarter with $925 million in annual recurring revenue, or ARR, a 30% year-over-year increase, with fast ARR growing 39% year-over-year. Our ARR growth reflects continued high demand as we believe identity security continues to be a top cybersecurity investment priority for enterprise leaders. We also saw a 62% year-over-year increase in customers with ARR greater than $1 million. This highlights our continued ability to support the significant scale and complexity prevalent among enterprises today. Today's digital enterprises demand a trusted partner who can secure the full spectrum of identities, from the human workforce, which includes employees, contractors, and third-party suppliers, to the digital workforce, which spans machines and autonomous AI agents across a hybrid environment.

Organizations with this level of scale and complexity need identity controls that are both broad and deep. This is where SailPoint stands apart, and the market is taking notice. Our expertise in enterprise-class governance continues to drive share gains over both legacy and niche players, with Gartner's latest IGA market sizing report placing us at nearly 21% market share, which represents about 5x the gain of our nearest direct competitor. We believe this leadership reflects our commitment to meet the evolving identity security needs of our customers, as well as their belief that SailPoint is more than just an IGA vendor. Our innovation strategy is central to our long-term durable growth and our differentiation in the market. Let me highlight the key tenets behind that strategy. First, our foundational principle is simple: least privilege for all enterprise identities. Every identity, human or digital, carries some level of privilege.

What matters is context: the role it plays, where it operates, and what it needs access to. A contractor with temporary access to intellectual property, a payroll bot executing critical transactions, or a remote agent handling regulated data—all are privileged, but each in a different way. Legacy PAM tools were built for a narrow world: admin accounts on static infrastructure. SailPoint breaks that mold, delivering fine-grained, contextual governance for all identities, systems, and access levels at enterprise scale. Our policy-driven model defines who or what gets access to information and what actions they can take—a modern, unified approach that we believe is fundamentally different from how others manage identities today. Second, we're leading in the governance of emerging identity types, particularly machine identities and AI agents. Machine identities have proliferated, with some hidden deep within directories like Active Directory and Entra, making them difficult to track or secure.

SailPoint Machine Identity Security delivers deep visibility, control, and entitlement-level governance for these often overlooked assets, such as service accounts, software bots, and intelligent devices. When it comes to machines, other vendors primarily manage keys and certificates, not the actual access rights. Our approach goes far deeper, providing the full identity governance lifecycle for the actual machines those keys and certificates belong to. AI agents represent the next frontier. These autonomous systems are now underwriting loans, onboarding customers, and executing critical operations across both cloud-native apps and legacy systems. They make decisions independently, often operating with a level of self-governance that redefines what it means to be an identity.

With our new offering, Agent Identity Security, planned for release this fall, we believe SailPoint is uniquely positioned to govern this new class of digital identities, alongside all human and machine identities, across the full spectrum of access, from the cloud to the mainframe. Third, we're embracing AI not just as a disruptor, but as a catalyst for cyber resilience. Just last quarter, we introduced HarborPilot, our AI-powered assistant, and it's already gaining strong traction. HarborPilot embeds AI into the fabric of identity programs, servicing recommendations, guiding configurations, and driving faster, smarter decisions. Users can issue prompts such as, "Share all roles with no entitlements," or, "Make me a workflow that creates a certification when a user's department changes," to surface actionable insights in real time. It's also fueling a new wave of low-code, no-code workflow automation, enabling intuitive, intelligent management of identity processes.

These innovations make our platform even more powerful and easier to use, helping security teams achieve more with less. In many ways, HarborPilot functions like a digital employee with deep expertise in both SailPoint and identity security. Fourth, threat prevention must evolve, and with Atlas, we are transforming how it is done. Atlas is our unified intelligence platform built on a consolidated data model and shared services architecture, designed to deliver deep identity context at scale. As the authoritative source of identity entitlements for many of the world's most complex organizations, we enable advanced entitlement-level risk modeling that surfaces granular signals in real time. This allows for proactive detection and response, identifying threats before they can be exploited. By continuously mapping identities, entitlements, behaviors, and risks, Atlas becomes an intelligent foundation of modern identity security, powering decisions with context and fortifying the entire enterprise security stack. Innovation alone is not enough.

We know identity security must operate in lockstep with the broader ecosystem. That's why we're forging deep partnerships with cloud providers, systems integrators, and technology leaders as we work together with forward-thinking customers to ensure our Atlas platform integrates seamlessly into all customer environments. Our shared data model and flexible architecture enable partners to build on SailPoint, enhancing coverage and accelerating outcomes across a wide range of identity security needs. We're continuously focused on expanding connectivity across the portfolio, making it easier for customers to govern access to more business-critical applications. This ecosystem strategy is helping us scale across the market. For large enterprises, our expanded strategic alliance with Deloitte is a prime example. Together, we're enabling organizations to navigate the rise of AI agents, harnessing them as a force for efficiency while helping improve governance and security.

At the same time, we're extending our reach into the mid-market through our Managed Service Provider, or MSP, program, which gives mid-sized enterprises access to SailPoint's industry-leading solution through trusted partners. Across the board, our ecosystem is a growth engine, bringing SailPoint to more customers with more efficiency and greater impact. Our ecosystem is a force multiplier, and our consistent NRR is the proof. Half of our new bookings this quarter came from existing customers, a strong indicator of the trust and value we continue to deliver. These customers aren't just renewing; they're expanding. For us, it's not just about the number of individual solutions a customer buys. It's about the outcomes we deliver, the breadth and depth of identity coverage we provide, and the unique, high-stakes problems we help solve. That value is reflected in the numbers.

Our average ARR per customer is nearly three times higher than that of other identity security vendors, a clear signal of the comprehensive enterprise-wide role SailPoint plays across our customers' environments. As an example, a leading mortgage lender significantly deepened their investment with us as part of their broader digital transformation and modernization efforts. They upgraded to our Identity Security Cloud Business Plus suite, adding Machine Identity Security and Data Access Security, plus training and services support. Their decision was driven by the proven ROI they had already seen and the value of our unified solution built on a scalable, integrated architecture in the Atlas platform. Today, we continue to see strong customer adoption across our platform.

Our workflow usage hit an all-time high during fiscal Q1 2026, with a record number of identity workflows being built, clear evidence that our customers are scaling their use of SailPoint to govern more apps, new use cases, and diverse identity types. This includes machine identities, where we've seen robust demand and a strong and growing pipeline since the initial launch of SailPoint Machine Identity Security last fall. This quarter, interest in Machine Identity Security continued to grow among both existing and new customers. A Fortune 500 manufacturer expanded their SailPoint investment to better manage service accounts with greater precision. Meanwhile, a Fortune 25 retailer became a new SailPoint customer, adopting our most comprehensive Identity Security Cloud Business Plus suite, along with Machine Identity Security, Non-Employee Risk Management, a suite of connectors, and advisory and success services.

They went all in on SailPoint, confident in our proven ability to deliver identity security at the scale and sophistication required to support their massive identity landscape. As we look ahead, we remain confident in the depth of our pipeline, the velocity of our sales motion, and the resilience of identity and cybersecurity budgets. As identity-centric threats continue to be a top challenge for global enterprises today, we believe it's clear that identity has become the hub of modern security strategy, serving as the common link across all aspects of enterprise security, from networks and cloud infrastructure to endpoints, data, and applications. While some competitors tout momentum with a collection of products, we're not seeing that approach resonate in our core enterprise market. Our win rate remains strong among large, complex organizations that demand the depth, breadth, and sophistication that we believe only SailPoint can deliver.

This represents clear validation that our focused, platform-driven strategy is winning where it matters most. In closing, I'm grateful to everyone at SailPoint and our partners for ensuring we continue to stay in front. We're executing with focus, innovating with purpose, and delivering real value where it matters most. As the industry increasingly recognizes identity security as the backbone of enterprise resilience, SailPoint will continue to be the identity security innovator and trusted partner leading the way. Now, let me hand it off to Brian, who will share more details on our financial results for the quarter.

Brian Carolan (SFO)

Thank you, Mark, and good morning, everyone. Thank you for joining us today. Our fiscal year 2026 is off to a strong start with ARR, revenue, and adjusted operating margin each exceeding the high end of our first quarter guidance as we continue to deliver durable growth at scale.

We ended fiscal Q1 2026 with ARR of $925 million, an increase of 30% year over year, with SaaS ARR of $574 million, growing 39% year over year. Currency was less than a one-point benefit to our total ARR growth. Our strong results showcase our leadership position, strong competitive advantage, and durable growth profile. Importantly, we have not seen a fundamental change in demand due to the macro environment. Today, more than ever, enterprises are focused on what they believe to be most critical. We continue to see evidence that identity security is business-essential and often at the top of the spending priority list. As such, we plan to continue to execute on the large opportunity in front of us, delivering value to our customers. More specifically, our pipelines remain robust, with deal velocity and close rates consistent with prior quarters.

Our customer retention rates continue to be very strong, and our growth drivers are consistent, with approximately half of our Q1 ARR growth coming from new customers and half from existing customer expansion. We continue to see significant growth potential through a universe of new customers that are primed for a more modern solution. In fact, many of our new customer wins are displacements of other solutions that cannot keep up with the scale and complexity of enterprise environments. We also see a large opportunity to expand within our install base. Our NRR of 115% remained steady this quarter, with many drivers, including suite upgrades, migrations, upsell, and cross-sell initiatives. We were encouraged by the growing ARR contribution from our Non-Employee Risk Management, Machine Identity Security, and Data Access Security modules, which more than doubled from the same period a year ago. Let me now cover our strong Q1 results.

In Q1 2026, we delivered total revenue of $230 million, up 23% year over year, with subscription revenue of $215 million, up 27% year over year. Adjusted gross profit margin was 76.3%, and adjusted operating margin remained healthy and well ahead of our expectations at 10.2%. Our adjusted operating margin upside versus guidance was the result of higher term revenue mix, cost discipline, and the timing of investments. Moving to the balance sheet, we ended the quarter with $228 million of cash and equivalents and no debt after paying off our outstanding balance in March. Cash used in operating activities was $97 million and includes $37 million of cash paid for interest expense and $88 million of cash paid for items that ended with our IPO, such as equity award payouts and monitoring fees. Turning now to guidance. For simplicity, I will refer to the midpoint of our guidance ranges.

Full details can be found in this morning's press release and supplemental earnings deck. For the fiscal second quarter of 2026, we expect ARR to be $965 million, up approximately 26% year over year compared to current consensus of 23.5% growth. For our fiscal year 2026, we are increasing our ARR outlook by $20 million to $1.1 billion, up 25.5% year over year compared to our prior guidance of 23.2% growth. The increase in our ARR guidance primarily reflects organic growth of the business and assumes no material change in FX rates. For revenue, we expect the fiscal second quarter 2026 to be $243 million, an increase of 22% year over year, with an adjusted operating margin of 12.1%. We expect our diluted share count to be approximately 557 million shares and adjusted EPS to be $0.045.

For fiscal year 2026, we expect revenue to be approximately $1.039 billion, an increase of 21% year over year, with an adjusted operating margin of 15.7%. We expect our diluted share count to be approximately 565 million shares and adjusted EPS to be $0.18. Please note, we included additional modeling notes in our supplemental earnings deck. In summary, we believe we are well positioned to win the next generation of identity security because of the depth and breadth of our platform, our enterprise scale, and our willingness to listen and respond to market needs. We continue to see several durable growth drivers that position us for sustained long-term growth, and we are relentlessly focused on executing on that opportunity. With that, let's invite Matt Mills, our President, to join us and open the call for questions. Operator?

Operator (participant)

Thank you.

Ladies and gentlemen, if you have a question or a comment at this time, please press star 11 on your telephone. If your question has been answered and you wish to move yourself from the queue, please press star 11 again. In the interest of time, and to allow everyone to ask a question, we ask that you limit yourself to one question. We will pause for a moment while we compile our Q&A roster. Our first question comes from Joel Fishbein with Truist. Your line is open.

Joel Fishbein (Managing Director)

Thanks for taking the question and congrats on excellent execution. I guess I have so many questions, but the first one for you, Matt, in terms of machine identity, it seems like it's starting to inflect. I know you have the new products coming out, Agent Identity Security in the fall.

Can you just tell us what you think the pricing looks like in that market and maybe share some of the competitive dynamics that you're seeing in that market? Thanks.

Matt Mills (President)

Yeah. Thanks for the question, Joel. Look, at the end of the day, when we look at the market and we look at our customers and our prospects alike, machine identity is top of the list for all of them. It's important to them. Many of our customers, as you know, I mean, the idea of machine identity is not necessarily new, right? We've been dealing with a lot of things around service accounts and bots for some time now. Here, certainly in the last 12 months, it's kind of moved its way to the threat vector, and therefore it's become a hugely important topic of concern for all of our customers and prospects alike.

I think when you start talking about the pricing of it, look, I've followed a lot of the things that you guys like yourself have put out and others, and I think it's a huge moving target, and I think it's going to be value-based. I think at this point in time, it's all going to play out, but I think it becomes quite difficult to kind of say it's this or it's that. We just know it's a significant opportunity for us.

Brian Carolan (SFO)

I think I'd add, Joel, on the competitive side, Mark, is the clarity we're trying to help establish in the market of where we're focused on the machine identity problem versus, say, others around us.

I think we continue to see that a lot of the focus from others is on what we would call the authentication of those machines, the server certificates, the identity of the machine. We're focused, as we have been for human identities, on the authorization capabilities. What can those accounts or systems do, bots, RPAs, etc.? Again, we find that it may be tenable that we may coexist with other machine identity security solutions where, just like, say, we coexist with an SSO vendor because they're solving a different part of the identity problem. I think where we're focused tonight in machine identity is differentiated, and we're hearing that back from the customers we're engaging with.

Joel Fishbein (Managing Director)

Thank you so much.

One moment for our next question. Our next question comes from Matt Hedberg with RBC. Your line is open.

Matt Hedberg (Managing Director and Software Research Analyst)

Oh, thanks for taking my question, guys.

I'll offer my congrats as well. Really, really strong results. One area I wanted to ask about, it sounds like you guys didn't call out any macro pressure, but I know you guys have some U.S. Fed exposure, and other cyber vendors have been calling out maybe some pressure there. Just curious on what you're seeing in that particular vertical.

Matt Mills (President)

Yep. Hi, Matt. This is Matt. Yeah, look, for us thus far, I'd say it's been business as usual, right? We haven't seen any extensive result or material result from anything DOGE-related. I think we continue to keep our head on a swivel and look, but our business remains resolute. Like I said, thus far, we've not seen anything that would indicate we've got challenges as a result of DOGE.

Matt Hedberg (Managing Director and Software Research Analyst)

Great. Thanks, Matt.

Operator (participant)

One moment for our next question. Our next question comes from Robbie Owens with Piper Sandler.

Your line is open.

Rob Owens (Managing Director and Senior Research Analyst)

Good morning, and thank you for taking my question. I wanted to unpack the ARR strength, which accelerated in the quarter when we looked at the growth rate. I guess the two components, as you look at new customers, which I think you said were half of it, just can you give us a sense of where those conversations are? Is there a sense of urgency, especially in this very uneven environment? Second, with regard to the existing customers, which I think came through in a better NRR quarter over quarter, is this a function of more identities? Is this a function of modules being added on or tier upgrades? Thanks for taking the question.

Brian Carolan (SFO)

Hi, Rob. It's Brian here. Hope you're well.

With respect to the new customer acquisition, I think that what we're seeing is just great success from this being a very resilient market for us. These are business-essential programs. Companies are not looking to cut back on identity security. They often rise to the top of the stack for CIOs and CISOs. Really, we're seeing pipeline from failed deployments of other competitive solutions that we're able to go back in and save and restart them for them. We're pleased with our new customer acquisition. We continue to make great progress there. With respect to existing customers, we're continuing to see, again, about half of this come from new logos, but half from expansion opportunities within our install base. There's been this nice kind of even disposition of several growth vectors.

This includes migrations of on-prem customers into net new SaaS solutions, where we typically see a 2-3x uplift on their ARR spend. We do see quantity upsells, so more identities being sold. I called out there's other cross-sell initiatives. Some of those new products like Non-Employee Risk Management, Machine Identity Security, Data Access Security, that's all contributing to low single digits of our expansion. Also our SaaS suite upgrades. These are customers that are moving from point-level SaaS solutions into our suite. Again, we're really pleased to see that nice cross-sell and upsell disposition.

Rob Owens (Managing Director and Senior Research Analyst)

Thank you.

Operator (participant)

One moment for our next question. Our next question comes from Peter Levine with Evercore. Your line is open.

Peter Levine (Managing Director)

Thanks for taking my questions.

Maybe one, Mark, you talked about the success we're seeing in AI, kind of a bit of an inflection point, but maybe share with us, why is IGA better positioned to kind of capitalize on the rise of AI over some of the PAM vendors or even the identity access management providers? Just curious to know why you think governance is better positioned. Then maybe, Brian, I know you said not much of a macro, but perhaps did you bake in anything into the full-year guide? You raised the guide, but just curious, were there any guardrails that you kind of factored into the full-year guide just to kind of assume maybe things get worse? Just curious to know what your philosophy was there. Thank you.

Mark McClain (Founder and CEO)

Thanks, Peter. Yeah, on the first one there on AI, I think sometimes it helps to go back to the basics.

When we first came to market the first time in 2017, we were trying to help make sure we positioned where we thought what was not even called IGA at that time was. We said, "Look, at the end of the day, we answer three simple questions for humans." That was, who has access to what? How does that compare to who should have access, kind of policy versus actual? What are they doing with it? The truth is, I think those are the same three core questions that are going to get asked about agentic AI, right? It's like, what is this agent? What does it have access to? Is it performing according to my expectations? An authorization tool like ours, a governance tool, is well-designed and suited for that question. Access and authentication tools are not, right?

We often go back to a very simple metaphor. We experience it every time we're up here in New York for investor meetings of the security guard at the front door knows that you've gotten into the building. That's access. That's letting you into the application of the building. They really lose track of where you go once you leave that front desk. That is sort of the SSO problem. They aren't designed to understand all the entitlements, capabilities that an identity has inside those complex applications. That is going to be true for agents. What does the agent have access to? What is it allowed to do? What data can it see? Can it change data? Those are hard questions to answer without a governance framework. That is really where we're coming from.

We think the access and privilege vendors that do not have that heritage are just going to be very challenged in trying to answer those very difficult questions. I will turn it over to Brian for the other part.

Brian Carolan (SFO)

Yep. Thank you. We are not expecting currently any major change in the macro environment. We are not building in any sort of headwind. Having said that, we are mindful of it. We are doing a great deal of deal scrutiny with rigorous pipeline management. We continue to see good demand for the identity security space. We are aware of it. We are not immune to it. We are watching deal timing in particular because a lot of times these are programs that may change from one quarter to the next. Again, the underlying fundamental demand is still there and is strong.

Peter Levine (Managing Director)

Thank you.

Operator (participant)

Again, ladies and gentlemen, just as a reminder, we ask that you limit yourself to one question. One moment for our next question. Our next question comes from Gray Powell with BTIG. Your line is open.

Gray Powell (Managing Director)

Okay. Great. Thank you very much. Yeah, I just would love to hear what you're seeing in terms of customer willingness to migrate from legacy IGA solutions like Oracle and IBM. Does macro uncertainty impact any of those projects, or is it really just more a function of pending end of life and customers' need to modernize?

Matt Mills (President)

Yeah. Thanks, Gray. This is Matt. Look, I think what we're seeing now is actually a little bit of an acceleration there. I think the security landscape today is such that it's really bringing out the flaws, if you will, on these legacy systems.

In many cases, as you probably know, they're heavily customized. It becomes a handful just to keep up with in of itself, not to mention the accelerating threat landscape. I would tell you we continue to see really good opportunities, and we continue to win at a high rate. Great. Just one point to add. You may have seen the recent Gartner report. In terms of our overall market share gain that we made in recent history, we're more than 5x or about 5x our nearest competitor. We feel like we're displacing legacy competition and also winning against some new competitors.

Gray Powell (Managing Director)

Got it. Thank you very much. Thanks for correcting my name there. I get a lot of Garys and Gregs in my life, so I greatly appreciate that.

Mark McClain (Founder and CEO)

You bet, Greg.

Operator (participant)

One moment for our next question.

Our next question comes from Michelle Ial with TD Cowen. Your line is open.

Thank you so much for speaking about name corrections. Congrats on strong results and guidance. Question to Mark or Matt. Given that Accenture is one of your leading partners, what are you hearing internally as it relates to their overall activities with SailPoint? Will they be one of your prime go-to-market partners as we think about further GenAI adoption? Thank you.

Matt Mills (President)

Yeah. Thank you, Michelle. This is Matt. Look, we're very fortunate. We have a strong ecosystem of partners, of which Accenture is a big part of. They continue to be one of our largest partners, and I do not see anything that would cause that to change. So we continue to work with them. We invest in them. They're one of our large MSP partners, right?

I would tell you, from an expectation perspective, we continue to invest with them and do good things for our customers and prospects.

Mark McClain (Founder and CEO)

Yeah. I think just to add, Michelle, we made a little note of what we're doing with Deloitte on the call today around agents. With all of our leading partners, PwC, Accenture, and many others, Optus, strong partnerships, we are expecting to move in the direction of supporting customers' needs around agentic with all of those leading partners. Just pleased to be able to kind of reference multiple good things there. Yeah, Accenture continues to be one of our top partners around the globe, and we can expect that to just continue to expand as we go.

Thank you so much.

Thanks, Michelle.

Operator (participant)

One moment for our next question. Our next question comes from Joseph Gallo with Jefferies. Your line is open.

Joseph Gallo (Senior VP)

Hey, guys. Thanks for the question. Brian, it was great to see some of the margin strength, even with most of the upside coming from SaaS. Can you just update us on where you are on sales capacity, where you're investing, and then where some of this leverage is actually coming from? Thanks.

Mark McClain (Founder and CEO)

Sure. We were pleased with our margin performance this year, exceeding the Q1 guidance that we put out there. Some of that was driven by timing of investments too, which we'll catch up on as the year goes along. I'd say we're in a good spot with capacity adds. More to come on that. We're investing in things like customer success early on in the year just to make sure we're still driving a strong gross retention rate and net revenue retention rate.

We feel like this is going to be a balanced strategy. We're really pleased with a 30% ARR growth. We want to make sure we're continuing to invest in that while still contributing and delivering some level of margin expansion, which gave us confidence to increase it for the year.

Joseph Gallo (Senior VP)

Thank you.

Operator (participant)

One moment for our next question. Our next question comes from Brian Essex with JPMorgan. Your line is open.

Brian Essex (Executive Director)

Hi. Good afternoon. Good morning. Thank you for taking the question and congrats on some solid results. Maybe, Mark, for you, in your prepared remarks, you called out a retailer that went, quote unquote, "all in on SailPoint." Could you provide a little detail there? What was the catalyst to move? What did you displace? Maybe how long was that sales cycle?

How indicative is that deal with regard to what you typically see with new customer lands?

Brian Carolan (SFO)

Yeah. I'll probably flip that, Brian, over to Matt, who's got more detail. I will tell you that that kind of a strategic large-scale win is not atypical. We certainly called that one out. In general, I think we're finding that almost inevitably in those large shops, they've got some level of deployment of something. Generally, it's one of the legacy vendors that we're displacing. We always try to reemphasize that quite often it's fairly minimally deployed. It's not uncommon for us, say, within the first six to nine months of a deployment, to run past any of the level of deployment they had because that's really the frustration they have with those legacy tools as they aren't covering the landscape.

As they try to think about securing their whole landscape, they're just very frustrated with those legacy tools. That's often the driver. It's a great story because they're sort of picking up on all the core aspects of the story.

Matt Mills (President)

Yeah. Thanks. I'll just add, Brian. Look, I think when you look at these large opportunities, they start with a fair amount of relationship and education that happens before you actually start prosecuting an opportunity. I think that was the case here. We built a very strong relationship with this company. As Mark said, they're running a legacy solution. They feel the pains of the legacy solution in terms of what it can't do and the problems it's causing for them. Once we started the opportunity, I think it went in fairly short order. A great win for our team.

Mark McClain (Founder and CEO)

It kind of validates the whole idea that we continue to win at a very high rate in replacing these legacy solutions. Very helpful.

Brian Essex (Executive Director)

Thank you.

Mark McClain (Founder and CEO)

One moment for our next question. Our next question comes from Gabriela Borges with Goldman Sachs. Your line is open.

Gabriela Borges (Managing Director and Senior Software Equity Research Analyst)

Hi. Good morning. Thank you. For Mark and for Matt, we've talked on IGA for some time now about how one of the limiting factors for adoption is how long or how annoying it can be to switch from one vendor to another. My question for you is, what are you doing with AI internally to perhaps speed up some of that implementation? How do you think about, on the flip side, the risk that this lowers the barrier to entry for some new-enabled IGA vendor to come down the pipeline and potentially disrupt you? Thank you.

Mark McClain (Founder and CEO)

Thanks, Gabriela.

Yeah, I'll start and see if Matt has some thoughts to add. I think a couple of points. One is, when we show up, especially in these mid to large enterprises with fairly complex IT environments, our two decades of building connections deep, we're probably going to have to come up with some terminology delineation here because a connector is not a connector in this world, right? It's one thing for an access tool to say, "I connect to an application," which means they can log you in. For us, that means we can do deep governance typically around the entitlements and who can access data, etc., within these applications. It is our rich heritage of connection with all of the commercial apps these enterprises care about and many bespoke apps that gives them confidence.

That is a big area of focus, though, is to leverage AI to both increase the rate of speed where we can get to those new bespoke applications that we have not already connected with in a typical enterprise environment, and also to make it simpler for non-technical people to do that work. Quite often, that is some of the areas of slowdown in these implementations is having to do deep technical work to kind of connect into these business applications. We are trying to use AI to speed up and leverage what we know from all the tens of thousands of connections we have built to make that simpler and easier. To your point about kind of others out there, we are certainly well aware of some of the earlier stage vendors in identity are starting to make some strong claims about connectivity. We have dug pretty deeply into all of that.

Those that are making claims about very rapid expansion of connectivity are typically doing those very shallow connectors where they can connect to a resource, but they can't really do entitlement-level governance. We are helping make sure customers are clear on kind of the actual capabilities that we have and how that compares to some of the claims being made by some of the newer vendors. What Matt would tell you is when we get into these large complex environments, our win rate continues to be incredibly high once customers are really clear on the differentiation of what we're offering.

Gabriela Borges (Managing Director and Senior Software Equity Research Analyst)

I appreciate the nuances.

Mark McClain (Founder and CEO)

Thank you.

One moment. Sorry. One moment for our next question. Our next question comes from Tal Liani with Bank of America. Your line is open.

Tal Liani (Technology Analyst)

Hi, guys. ARR was very strong this quarter, $27 million above expectations for the next quarter.

You're also guiding up $20 million above. When I look at the full year, I have to reduce my estimates for net new ARR in order to hit because the increase in the full year is lower than what we're seeing this quarter and next quarter. Is there anything that is happening with timing of orders that is pulling things forward, or is it just kind of the way the numbers are, and we shouldn't pay attention to it? Thanks.

Brian Carolan (SFO)

Hi, Tom. It's Brian here. There was nothing unique about pull forward of any deals or revenue. This is basically I'd really encourage you to look at ARR on an annual basis. For our FY2026 guide, we're actually raising that by more than 200 basis points. Also, the Q2 guide is 200 basis points above current consensus.

Mark McClain (Founder and CEO)

Just keep in mind, that 3% beat that we had in Q1 or the $27 million, that's an annual metric as compared to what other companies would do in terms of quarterly revenue numbers. When it came to the quarterly revenue and operating income beats, we passed all of that through and raised Q2 as well. It is just part of our philosophy. We feel good about it, and it is a good place to start for Q2.

Tal Liani (Technology Analyst)

Got it. Thank you.

Operator (participant)

One moment for our next question. Our next question comes from Keith Weiss with Morgan Stanley. Your line is open.

Keith Weiss (Managing Director)

Hi, Sean. Thank you, guys, for taking the question. Congratulations on a great start to the fiscal year. A lot of big numbers in this Q1 print. I guess one that we have not really dug into yet was the large customer numbers.

Really good growth on both the $250,000 customers and the million-dollar-plus customers. Two questions within that. One, anything in particular driving that, or is it just the summation of the expanding solution portfolio traction in the identity management market? Maybe somewhat related, any change in sales strategy or go-to-market strategy as we enter into the new fiscal year? Anything that is worth noting in terms of how you guys are approaching that market opportunity from the go-to-market perspective?

Mark McClain (Founder and CEO)

I'll start just with respect to the increasing deal size. We're really pleased with, I mean, greater than $250,000 ARR customer count that's up 28% year over year. The greater than a million, as we mentioned, is up 62% year over year. We're also not just the number of customers that we're landing. It's just a more sizable number.

Our average ARR for customers is now above $300,000. It's really driven by expansion opportunities across the board in terms of just overall identity growth, suite upgrades, upsell, and cross-sell of new modules. I'll defer to Matt just on some additional color.

Matt Mills (President)

Yeah. Thanks, Keith. Look, there's been really no big change relative to our go-to-market strategy, our selling strategy. As you know, we're fairly pragmatic in terms of who we market to. We work off a target account list. None of that has changed. We'll continue to execute that for the remainder of the year. Excellent.

Keith Weiss (Managing Director)

Thank you, guys.

Matt Mills (President)

Thank you.

Operator (participant)

One moment for our next question. Our next question comes from Michael Romanelli with Mizuho. Your line is open.

Michael Romanelli (VP)

Yeah. Hi. This is Mike on for Gregg Moskowitz. Congrats on the strong results, and thanks for taking the questions here.

Mark McClain (Founder and CEO)

I guess I was wondering if, firstly, if HarborPilot is included in any of your suites, and will there be an additional charge for this technology? Just quickly on the migration impact to net retention rate. Was that about three to four points again this quarter? Thanks.

I got the first part, Mike, on the HarborPilot. What was the second part?

Yeah. Just real quick on the migrations. It did contribute low single digits in terms of the NRR contribution.

Oh. Yeah. Within the NRR, what was from migrations?

Michael Romanelli (VP)

Yeah.

Mark McClain (Founder and CEO)

In that sort of the of those four contributors, all roughly a quarter of that 15%. On the first part, Mike, yeah, HarborPilot is included with our platform today. The first two offerings, the AI offerings within HarborPilot, we at this point have just included that in our offering.

I think as we continue to add new capabilities, we'll look at where, whether, and when we might price that out separately at some point based on the value delivery. We at this point are kind of anxious for customers to adopt some of these AI capabilities to help them be more efficient and effective in ramping up their implementations and deployments. A lot of what these initial HarborPilot capabilities are doing is just letting them more rapidly get the answers they need to address their issues. We will continue to watch how that evolves. For now, it's just buried into the cost of our platform.

Michael Romanelli (VP)

Great. Thank you. Thanks.

Operator (participant)

One moment for our next question. Our next question comes from Andrew Nowinski with Wells Fargo. Your line is open.

Andrew Nowinski (Senior Research Analyst)

Okay. Thank you. I'm just wondering what drove the 18% growth in your non-SaaS ARR in Q1.

I know you're assuming 90% of net new comes from SaaS going forward, but that still implies growth in your non-SaaS ARR. Just wondering if you could give any more color on what's driving that. Thanks.

Brian Carolan (SFO)

Hi, Andy. It's Brian. We actually saw a fairly strong term business for Q1, both on renewals and also a couple of new sizable customers chose to go with an on-prem solution just given their environment. Moving forward, we still are targeting that 90-10 mix, meaning 90% SaaS and 10% term. We do believe that SaaS is going to continue to be the first and foremost sales play for us. We did see some nice uptick in some term business for the quarter.

Andrew Nowinski (Senior Research Analyst)

Thank you.

Operator (participant)

One moment for our next question. Comes from Saket Kalia with Mark Leach. Your line is open. Okay.

Great. Hey, guys.

Thanks for taking my question here and echo the nice beat on ARR. Brian, maybe for you, I was wondering if you could just talk to the shape of net new ARR this year, maybe comparing it to prior years. And then anecdotally, of course. Then separately, I was wondering if you could go one level deeper just into the components of the 115% NRR, particularly whether you saw more contribution than expected for migrations.

Mark McClain (Founder and CEO)

I would not think there is anything materially different about our ARR and our new customer acquisition. We are actually really pleased with the consistency of it, to be honest with you, and the nice disposition between new and existing customers.

As I mentioned, what's great about the expansion with the existing install base is the almost even distribution among things like migrations and quantity upsell, and then the cross-sell initiatives that I called out in terms of the Non-Employee Risk Management, Machine Identity Security, Data Access Security. That bucket alone was more than double what it was a year ago. We're also experiencing our SaaS suite upgrades as well. Just think about this as half and half, and we're really pleased with that disposition. Anything just on the shape of net new ARR for the year? I know that last year, I think Q2 was particularly healthy. I can't remember if it was Fed or another vertical. Anything you want to say just in the shape of the year? We had a fairly strong Q2 last year.

We typically are kind of a second-half company when it comes to net new ARR growth. I'd continue to think of it that way. Nothing super unusual year over year.

Very helpful. Thanks.

Thank you.

Operator (participant)

I'm not showing any further questions at this time. I'd like to turn the call back over to Mark for any closing remarks.

Mark McClain (Founder and CEO)

Thank you. Appreciate everyone's questions today and all the great notes that have been written up over the course of our first few months here being public. We look forward to continuing the dialogue. Thanks for everyone's interest on the call today. We'll talk to you soon. Thanks. Have a great day.

Operator (participant)

Thank you, ladies and gentlemen. This does conclude today's presentation. We thank you for your participation. You may now disconnect and have a wonderful day.