Multi-tenancy support in Identity Platform, now generally available
Yanna Wu
Software Engineer, Google Cloud
Vladimir Petrosyan
Director, Product Management
Modern businesses need to manage not only the identities of their employees but also the identities of customers, partners, and Things (IoT). In April, we made Identity Platform generally available to help you add Google-grade identity and access management functionality to your own apps and services, protect user accounts, and scale with confidence. Today, we are making the ability to create and manage multiple tenants within a single instance of Identity Platform generally available to all customers.
Multi-tenancy allows you to create unique silos of users and configurations within a single Identity Platform instance, and it is most commonly used in business-to-business (B2B) applications to serve your customers and partners. For example, these silos might represent customer groups with different authentication methods, employees of business units with different SAML identity providers (IdPs), or subsidiaries, partners, vendors, and so on.
You can use Identity Platform tenants to establish a data isolation boundary between resource hierarchies. Each tenant has its own:
Unique identifier
Users
Identity providers and authentication methods
Auditing and Cloud IAM configuration
Quota allocation
Identity Platform usage breakdown
This allows tenants to operate autonomously from one another, with different configurations and users, even though they are part of the same instance.
Getting started
To get started with Identity Platform, enable it in GCP Marketplace, watch our Cloud Next '19 presentation, and check out the quickstart and multi-tenancy documentation.