Identity & Security

Multi-tenancy support in Identity Platform, now generally available

Modern businesses need to manage not only the identities of their employees but also the identities of customers, partners, and Things (IoT). In April, we made Identity Platform generally available to help you add Google-grade identity and access management functionality to your own apps and services, protect user accounts, and scale with confidence. Today, we are making the ability to create and manage multiple tenants within a single instance of Identity Platform generally available to all customers.

customer-of-customer authentication structure.png
An example customer-of-customer authentication structure

Multi-tenancy allows you to create unique silos of users and configurations within a single Identity Platform instance, and it is most commonly used in business-to-business (B2B) applications to serve your customers and partners. For example, these silos might represent various customer groups with different authentication methods or employees of business units with different SAML identity providers (IdPs), subsidiaries, partners, vendors, and so on.

Identity Platform admin.png
The Identity Platform admin experience

You can use Identity Platform tenants to establish a data isolation boundary between resource hierarchies. Each tenant has its own:

  • Unique identifier

  • Users

  • Identity providers and authentication methods

  • Auditing and Cloud IAM configuration

  • Quota allocation

  • Identity Platform usage breakdown

This allows tenants to operate autonomously from one another, with different configurations and users, even though they are part of the same instance.

Getting started
To get started with Identity Platform, enable it in GCP Marketplace, watch our Cloud Next ‘19 presentation, and check out the quickstart and multi-tenancy documentation.