Identity-Aware Proxy documentation
Identity-Aware Proxy (IAP) lets you manage access to applications running in App Engine standard environment, App Engine flexible environment, Compute Engine, and GKE. IAP establishes a central authorization layer for applications accessed by HTTPS, so you can adopt an application-level access control model instead of using network-level firewalls. When you turn on IAP, you must also use signed headers to secure your app.
Start your proof of concept with $300 in free credit
- Get access to Gemini 2.0 Flash Thinking
- Free monthly usage of popular products, including AI APIs and BigQuery
- No automatic charges, no commitment
Keep exploring with 20+ always-free products
Access 20+ free products for common use cases, including AI APIs, VMs, data warehouses, and more.
Documentation resources
Guides
-
Quickstart: Authenticate users with Google Accounts
-
Using IAP for TCP forwarding
-
Programmatic authentication
-
Identity-Aware Proxy overview
-
Setting up an external HTTPS load balancer
-
Enabling IAP for GKE
-
Managing access to IAP-secured resources
-
Securing your app with signed headers
-
Enabling IAP for on-premises apps
-