Editions
There are two editions of Cloud Identity: The premium edition and the free edition.
Cloud Identity premium edition is not required to use Google Cloud. As a Google Cloud customer, you can request additional Cloud Identity licenses at no cost. However, the premium edition has additional features not offered in the free edition.
Cloud Identity offers a free subscription option and a premium option with additional enterprise features for larger organizations.
Choose between free and premium service
- Cloud Identity Free: Core identity and endpoint management for users who don't need Google Workspace services, such as Gmail and Google Calendar.
- Cloud Identity Premium: Additional enterprise security, application management, and device management services.
Compare instead: Google Workspace editions
On this page
- Billing and support
- Endpoint management
- Directory
- Security and data protection
- Third-party app integration
- Reports and log events
- Drive and Docs editors
- Chrome browser
Billing and support
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Subscription and license management | ✔ | ✔ |
| Support | Find support with other Google Cloud and Google Workspace users in Google Cloud Communities. | 24x7 Email, Phone, Chat |
| SLA | 99.9% | |
| Billing | ✔ |
Endpoint management
License requirements are by user, not by device. Any users who want to sign in to a managed device must have a supported license for a feature to apply.
Device security settings
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Fundamental endpoint management | ||
| Basic passcode enforcement (mobile) | ✔ | ✔ |
| Google Credential Provider for Windows (standalone) | ✔ | ✔ |
| Network management (ChromeOS, Meet hardware) | ✔ | ✔ |
| Advanced endpoint management | ||
| Strong passcode enforcement | ✔ | |
| Network management (mobile) | ✔ | |
| Mobile device security policies | ✔ | |
| Android work profiles | ✔ | |
| Enterprise endpoint management | ||
| iOS data protection | ✔ | |
| Mobile device certificates | ✔ | |
| Control access based on user and device context (Context-Aware Access) | ✔ | |
* Feature set requires enabling advanced mobile management.
Device management
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Fundamental endpoint management | ||
| Basic mobile device management | ✔ | ✔ |
| Fundamental management for computers | ✔ | ✔ |
| Endpoint verification | ✔ | ✔ |
| Company-owned device inventory (endpoints) | ✔ | ✔ |
| Remote account sign-out | ✔ | ✔ |
| Remote account wipe (mobile) | ✔ | ✔ |
| Block devices | ✔ | ✔ |
| Drive for desktop | ✔ | ✔ |
| Advanced endpoint management* | ||
| Advanced mobile management | ✔ | |
| Zero-touch enrollment for Android devices | ✔ | |
| Admin approval of devices | ✔ | |
| Remote device wipe | ✔ | |
| Windows device management | ✔ | |
| Enterprise endpoint management* | ||
| Company-owned device inventory (Android and iOS) | ✔ | |
| Mobile device management rules | ✔ | |
| BeyondCorp Alliance partner integrations | ✔ | |
* Feature set requires that you enable advanced mobile management.
Mobile app management
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Fundamental endpoint management | ||
| Public and private app management (Android) | ✔ | ✔ |
| Advanced endpoint management* | ||
| Public app management (iOS) | ✔ | |
| Android app runtime permissions | ✔ | |
| Selectively distribute mobile apps to users | ✔ | |
| Publish private Android web apps | ✔ | |
| Managed Android app settings configurations | ✔ | |
| Enterprise endpoint management* | ||
| Private iOS app management | ✔ | |
* Feature set requires enabling advanced mobile management.
Device details
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Fundamental endpoint management | ||
| Basic device details (mobile) | ✔ | ✔ |
| Basic endpoint details (computer and smart home devices) | ✔ | ✔ |
| Basic device reports (ChromeOS and mobile) | ✔ | ✔ |
| Advanced endpoint management* | ||
| Advanced device reports (mobile) | ✔ | |
| Enterprise endpoint management* | ||
| Device log events | ✔ | |
* Feature set requires enabling advanced mobile management.
Directory
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Basic directory management | ✔ | ✔ |
| Organizational units and groups | Unlimited | Unlimited |
| User lifecycle management | ✔ \* | ✔ |
| Manage groups for your organization | ✔ | ✔ |
| Groups for Business | ✔ | ✔ |
| Google Cloud Directory Sync (Synchronize Active Directory and LDAP directories with Google) | ✔ | ✔ |
| Admin roles and privileges | ✔ | ✔ |
| Google Admin app for Android | ✔ | ✔ |
| Google Admin app for iOS | ✔ | ✔ |
| Automate tasks with Apps Script and APIs | ✔ | ✔ |
| Secure LDAP: Connect LDAP-based apps and services | ✔ |
* Cloud Identity Free increases your user cap by 50. To learn more, go to Your Cloud Identity free edition user cap.
Security and data protection
* DLP for Drive is available to Cloud Identity Premium users who are also licensed for Google Workspace editions that include Drive log events.
** Some Security center features are not available in Cloud Identity Premium. For example, data related to Gmail and Google Drive.
Third-party app integration
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Set up SSO using Google as an IdP to access third-party SAML apps | ✔ | ✔ |
| Set up SSO using Google as an IdP to access custom SAML apps | ✔ | ✔ |
| Set up SSO using a third-party IdP with Google as a service provider | ✔ | ✔ |
| Automated user provisioning | ✔ |
Reports and log events
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Admin log events | ✔ | ✔ |
| User log events | ✔ | ✔ |
| User reports: Security | ✔ | ✔ |
| SAML log events | ✔ | ✔ |
| Groups log events | ✔ | ✔ |
| OAuth log events | ✔ | ✔ |
| Apps reports | ✔ | ✔ |
| User reports: Accounts | ✔ | ✔ |
| Device log events | ✔ | |
| Automatically export log events to BigQuery | ✔ |
Drive and Docs editors
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| Storage per user | None, but users can use Google Workspace pooled storage | 15 GB times the number of end users (pooled) |
| Drive sharing permissions | ✔ | ✔ |
| Google Drive for desktop | ✔ | ✔ |
| Connected Sheets | ✔ | ✔ |
| Advanced Drive auditing and reports (Drive audit log) | ✔ | ✔ |
| Turn Docs creation on or off | ✔ | ✔ |
| Shared drives | Viewer only* | Viewer only* |
| Smart chip data extraction | ✔ | |
| Drive inventory export | ✔ |
* Users can comment on and edit files that are directly shared with them from shared drives.
Chrome browser
| Cloud Identity Free | Cloud Identity Premium | |
|---|---|---|
| User policies and reporting | ✔ | ✔ |
| Chrome sync | ✔ | ✔ |
Google, Google Workspace, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.