What is Google Identity-as-a-Service?

Google IDaaS

Identity-as-a-Service (IDaaS) solutions have taken off over the last several years, with a number of vendors piling into the IDaaS market. Perhaps the most notable recently has been Google Cloud Identity, which is making interesting inroads into the identity and access management (IAM) space. But what is Google Identity-as-a-Service? What does it give to organizations that they didn’t already have? Before we dive into what Google IDaaS is all about, we should step back and outline how the identity management space has been evolving. That way we can begin to understand where it is going.

A Brief History of IAM

SAML training

The modern identity and access management (IAM) space arguably kicked off with the introduction of the LDAP protocol, but that is really because LDAP led to powerful solutions like OpenLDAP and Microsoft Active Directory® (AD).

Both of these solutions were on-prem identity providers – the core directory service. This meant they were responsible for authenticating user access to systems, applications, file servers, and network infrastructure. However, they were never designed to support cloud innovations.

As web applications started to gain popularity in the early 2000’s, a new generation of identity management solutions were created. These IAM platforms were called web application Single Sign-On (SSO) providers. They leveraged Active Directory credentials and federated access to web apps. Their success inspired a number of other vendors to enter the market for a variety of purposes.

However, despite being identity management solutions, these platforms still needed a core identity provider (e.g., AD or OpenLDAP). We can think of these as first generation IDaaS solutions.

Google Enters the Game

google apps directory sync

Google first started to get involved in the IDaaS space with G Suite Directory – their user management platform for Google Apps. Prior to that, G Suite identities were tightly woven in with individual Google apps. In other words, identities were effectively attached to the Google apps they used.

Google IDaaS changed this approach, which is centralized around the core Google Cloud Identity. Essentially, what they’ve done is detach the core user identity from G Suite to offer identity services (Read more...)

*** This is a Security Bloggers Network syndicated blog from JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/what-is-google-identity-as-a-service/

Vince Lujan

Vince is a documentation and blog writer at JumpCloud, the world’s first cloud-based directory service. Vince recently graduated with a degree in professional and technical writing from the University of New Mexico, and enjoys researching new innovations in cloud architecture and infrastructure.

vince-lujan has 148 posts and counting.See all posts by vince-lujan