Stay organized with collections Save and categorize content based on your preferences.
Mandiant is now part of Google Cloud. Learn more.
Jump to

Cloud Identity

A unified identity, access, app, and endpoint management (IAM/EMM) platform.

  • Give users easy access to apps with single sign-on

  • Multi-factor authentication protects user and company data

  • Endpoint management enforces policies for personal and corporate devices

Benefits

Google-grade security

Defend your organization with BeyondCorp and Google’s threat intelligence signals. Control access to SaaS apps, enforce multi-factor authentication (MFA), manage endpoints, and investigate threats.

User and IT simplicity

Efficiently enable intuitive user experiences on endpoint devices, and unify user, access, app, and endpoint management with a single console. Enable access to thousands of apps with single sign-on (SSO).

Meeting you where you are

Extend your on-premises directory to the cloud with Directory Sync, enable access to traditional apps and infrastructure with secure LDAP, and automatically synchronize user information with HR systems.

Key features

Modernize IT and strengthen security

Multi-factor authentication (MFA)

Help protect your user accounts and company data with a wide variety of MFA verification methods such as push notifications, Google Authenticator, phishing-resistant Titan Security Keys, and using your Android or iOS device as a security key.

Endpoint management

Improve your company’s device security posture on Android, iOS, and Windows devices using a unified console. Set up devices in minutes and keep your company data more secure with endpoint management. Enforce security policies, wipe company data, deploy apps, view reports, and export details.

Single sign-on (SSO)

Enable employees to work from virtually anywhere, on any device, with single sign-on to thousands of pre-integrated apps, both in the cloud and on-premises.

Works with your favorite apps

Cloud Identity integrates with hundreds of cloud applications out of the box—and we’re constantly adding more to the list so you can count on us to be your single identity platform today and in the future. See current list.

Multiple product logos such as Gmail, Google Calendar, Google Chat, Slack, Trello, Workday, Asana, Docusign, Dropbox
View all features

What's new

See the latest updates about Cloud Identity

Sign up for Google Cloud newsletters to receive product updates, event information, special offers, and more.

Documentation

Find resources and documentation for Cloud Identity

Tutorial
Active Directory user account provisioning

How to set up user and group provisioning between Active Directory and your Cloud Identity or Google Workspace account by using Google Cloud Directory Sync (GCDS).

Google Cloud Basics
Cloud Identity one-pager

Learn the basics of Cloud Identity: A simple, secure, and flexible approach to identity and endpoint management.

Tutorial
Sign up for Cloud Identity from the Google Cloud console

How to sign up for Cloud Identity through the Google Cloud console.

Best Practice
Secure corporate access on personal devices

Learn how to provide the business apps employees need on their personal devices while implementing policies that keep corporate data safe.

Google Cloud Basics
Enforce uniform MFA to company-owned resources

Learn how to have users authenticate themselves using 2SV to access corporate resources, to protect user accounts and data.

Tutorial
Enable SSO for cloud apps

Extend single sign-on (SSO) to cloud apps so employees can use their credentials to sign into software as a service (SaaS) apps or in-house apps hosted in the cloud.

All features

Learn more about Cloud Identity features

Account security and MFA Help to protect users from phishing attacks with Google’s intelligence and threat signals and multi-factor authentication (MFA), including push notifications, Google Authenticator, phishing-resistant Titan Security Keys, and using your Android or iOS device as a security key.
Device security with endpoint management Improve your company’s device security posture on Android, iOS, and Windows devices using a unified console. Set up devices in minutes and keep your company data more secure with endpoint management. Enforce security policies, wipe company data, deploy apps, view reports, and export details.
Easy app access with SSO Enable employees to work from virtually anywhere, on any device, with single sign-on (SSO) to thousands of SaaS apps, including Salesforce, SAP SuccessFactors, Google Workspace, and more.
Works with your favorite apps Cloud Identity integrates with hundreds of cloud applications out of the box—and we’re constantly adding more to the list so you can count on us to be your single identity platform today and in the future. See current list.
Digital workspace Enable employees to set up quickly with a digital workspace—sign in once and access 5000+ apps, including pre-integrated SAML 2.0 and OpenID Connect (OIDC) apps, custom apps, and on-premises apps.
Unified management console Use a single admin console to manage user, access, app, and device policies, monitor your security and compliance posture with reporting and auditing capabilities, and investigate threats with Security Center.
Automated user provisioning Reduce administrative overhead involved in managing your users in individual third-party cloud apps by automating user provisioning to create, update, or delete user profile information in one place and have it reflected in your cloud apps.
Hybrid identity management Increase the ROI of your existing investments by extending your Microsoft Active Directory (AD) users to the cloud with Directory Sync and enabling simpler user access to traditional apps and infrastructure with secure LDAP.
Context-aware access A core component of Google’s BeyondCorp security model, context-aware access enables you to enforce granular and dynamic access controls based on a user’s identity and the context of the access request, without the need for a traditional VPN.
Account takeover protection Strengthen user security with Google’s automatic multilayered hijacking protection. Detect anomalous login behavior and present users with additional challenges to prevent account takeovers.
Technical support Get help when issues arise with 24/7 support from a real person. Phone, email, and chat support is available in 14 languages, included with your Cloud Identity subscription.
Advanced Protection Program A constantly evolving and easy-to-use bundle of Google’s strongest account security settings, ensuring that your most at-risk users always have the strongest possible protection.
Bring your own device (BYOD) support Endpoint management supports and enables BYOD, making it easy to keep your company data safer while letting employees use their favorite personal devices to get work done.
Quick and easy endpoint management deployment As soon as your employee’s device gets enrolled in endpoint management, all Wi-Fi and email configurations including server-side certificates get pushed to the device instantly.
No agent required Agentless setup for basic device management offers wipe and inventory controls for all devices in your fleet, with no user setup or disruption.
User-friendly MFA methods Cloud Identity supports a variety of MFA methods—hardware security keys, phone as a security key, mobile device push notifications, SMS, and voice calls—meaning you can choose the right option for your employees.
Rich MFA auditing and reporting Monitor employee usage, set alerts, and examine potential risks via detailed reports and audit logs.
Easy access to on-premises apps With secure LDAP, users can securely access traditional LDAP-based apps and infrastructure, using their Cloud Identity credentials.
Automate life cycle management Provision and deprovision users in real time from a unified admin console.

Pricing

Cloud Identity pricing details

Cloud Identity is $6/mo per user. Try Cloud Identity Premium or learn more about Cloud Identity features and editions pricing.