What is Cloud Identity?
Cloud Identity is an Identity as a Service (IDaaS) solution. It offers the Identity services that are available in G Suite as a stand-alone product. As an administrator, you can use Cloud Identity to manage all of your users easily from a central location—the Google Admin console.
Cloud Identity provides free, managed Google Accounts to users who don’t need G Suite Services, such as Gmail or Drive. You can use Cloud Identity accounts with other Google services, such as Google Cloud Platform (GCP), Chrome, Android enterprise, and a large catalog of third-party applications.
If you're a G Suite admin
G Suite licenses are required only for users who need G Suite services. To manage users who don't need G Suite, you can create free Cloud Identity accounts for them.
In most cases, Cloud Identity users have the same Identity services as G Suite users, such as single sign-on (SSO) and 2- Step Verification (2SV). Compare Cloud Identity features in the Cloud Identity and G Suite products. Get started!
If you're a GCP admin
Consumer accounts, such as personal Gmail accounts or consumer accounts with work email IDs, are unmanaged accounts and are outside of your control. If developers in your organization use unmanaged accounts to use GCP resources, you can create Cloud Identity accounts to manage these users.
As an IDaaS, Cloud Identity also provides common Identity services, such as SSO.
You can create free Cloud Identity accounts for each user, separate from paid G Suite accounts. By doing so, you can manage all users across your entire domain from the Google Admin console. Get started!
Directory and account security
- Create and manage users. Learn more
- Create and manage groups. Learn more
- Manage account security by setting up basic 2SV or enhanced 2SV using security keys. Learn more
- Enforce strong passwords using password controls. Learn more
- Prevent phishing attacks on your users using password alerts. Learn more
SSO with third-party applications
Your users can access all of their enterprise cloud applications by signing in one time for all services, including SSO for:
- G Suite Marketplace applications.
- Pre-integrated apps from the Security Assertion Markup Language (SAML) catalog.
- Any other apps that support OpenID Connect (OIDC) or SAML.
- See overviews of key metrics and trends in your G Suite domain. Learn more
- Assess your domain's overall exposure to data breach, and discover which particular users pose security risks. Learn more
- Access all the data from the Security, Apps Usage Activity, and Highlights pages in a single master report. Learn more
- View logs of admin activity. Learn more
Basic Mobile Device Management
- Enforce screen locks or passcodes to secure devices. Learn more
- Wipe corporate data on devices. Learn more
- View and search for devices and export details to a CSV file. Learn more
- Supported by Android, iOS®, and Google Sync.