Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://cloud.google.com/iam/docs/user-identities below:

Identities for users | IAM Documentation

Stay organized with collections Save and categorize content based on your preferences.

This page describes the ways that you can configure identities for users in your organization so that they can access Google Cloud. It doesn't discuss the identities that your customers use to authenticate to your application. To learn about how to authenticate customers to your application, see the Identity Platform documentation, which discusses customer identity and access management (CIAM).

For users to access Google Cloud, they need an identity that Google Cloud can recognize. There are several ways to configure identities so that Google Cloud can recognize them:

• Create Cloud Identity or Google Workspace accounts
• Set up one of the following federated identity strategies:
  • Federation using Cloud Identity or Google Workspace
  • Workforce Identity Federation

You can use Cloud Identity or Google Workspace to create managed user accounts. These accounts are called managed accounts because you control their lifecycle and configuration. Users with these accounts can authenticate to Google Cloud and be authorized to use Google Cloud resources.

Cloud Identity and Google Workspace share a common technical platform. Both products offer similar features for managing users, groups, and authentication.

Only Cloud Identity or Google Workspace managed Super Admin accounts can invite users with unmanaged consumer accounts to transfer their consumer accounts to managed accounts.

To get started with Cloud Identity or Google Workspace, you can do the following:

• To learn more about using Cloud Identity and Google Workspace to create identities for your users, see Google for organizations.
• Learn how to set up Cloud Identity.
• Learn how to set up Google Workspace.

You can federate identities to allow users to use their existing identity and credentials to sign in to Google services. There are several methods to federate identities in Google Cloud.

When you federate identities with Cloud Identity or Google Workspace, users aren't prompted to enter a password when they try to access Google services. Instead, you can redirect them to an external identity provider (IdP) to authenticate.

To use this type of identity federation, a user must have an external identity in the external IdP and a corresponding Google Account in Cloud Identity or Google Workspace, typically with the same email address. You can keep these accounts synchronized by using a tool like Google Cloud Directory Sync (GCDS) or by provisioning accounts using an external authoritative source. For example, you could set up account provisioning with Microsoft Entra ID or Active Directory.

To learn more about federation using Cloud Identity or Google Workspace, see Single sign-on.

Workforce Identity Federation lets you use an external identity provider (IdP) to authenticate and authorize a workforce—a group of users, such as employees, partners, and contractors—using IAM, so that the users can access Google Cloud services. With Workforce Identity Federation you don't need to synchronize user identities from your existing IdP to Google Cloud identities, as you would with Cloud Identity's Google Cloud Directory Sync (GCDS). Workforce Identity Federation extends Google Cloud's identity capabilities to support syncless, attribute-based single sign-on.

To learn more about Workforce Identity Federation, see Workforce Identity Federation overview.

• Learn about the ways to authenticate to Google APIs with user credentials.
• Learn how to grant users access to resources.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-07-02 UTC.

[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-07-02 UTC."],[[["This page outlines methods for configuring user identities within your organization to enable access to Google Cloud services, differentiating this process from customer authentication for your applications."],["Users can be granted access to Google Cloud through managed accounts, which are created and controlled via Cloud Identity or Google Workspace."],["Federated identities allow users to sign in to Google services using their existing credentials from an external identity provider (IdP), with or without synchronizing user accounts with Google Cloud."],["Workforce Identity Federation enables workforce members, such as employees and partners, to use their existing external IdP credentials to access Google Cloud services without the need for account synchronization."]]],[]]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4