Compare Cloud Identity features & editions

Cloud Identity offers a free subscription option as well as a premium option with additional enterprise features for larger organizations.

Choose between free & premium service

  • Cloud Identity Free—Core identity and endpoint management for users who don’t need Google Workspace services, such as Gmail and Google Calendar.
  • Cloud Identity Premium—Additional enterprise security, application management, and device management services.

Compare instead: Google Workspace editions

On this page

Billing & support

 

Cloud Identity Free

Cloud Identity Premium
Subscription & license management
Support Find support with other Google Cloud & Google Workspace users in Google Cloud Communities. 24x7 Email, Phone, Chat
SLA   99.9%
Billing  

Endpoint management

License requirements are by user, not by device. Any users who want to sign in to a managed device must have a supported license for a feature to apply.

Device security settings

  Cloud Identity Free Cloud Identity Premium
Fundamental endpoint management
Basic passcode enforcement (mobile)
Google Credential Provider for Windows (standalone)
Network management (ChromeOS, Meet hardware)
Advanced endpoint management*
Strong passcode enforcement  
Network management (mobile)  
Mobile device security policies  
Android work profiles  
Enterprise endpoint management*
iOS data protection  
Mobile device certificates  
Control access based on user and device context
(Context-Aware Access)
 

* Feature set requires enabling advanced mobile management.

Device management

  Cloud Identity Free Cloud Identity Premium
Fundamental endpoint management
Basic mobile device management
Fundamental management for computers
Endpoint verification
Company-owned device inventory (endpoints)
Remote account sign-out
Remote account wipe (mobile)
Block devices
Drive for desktop
Advanced endpoint management*
Advanced mobile management  
Zero-touch enrollment for Android devices  
Admin approval of devices  
Remote device wipe  
Windows device management  
Enterprise endpoint management*
Company-owned device inventory (Android & iOS)  
Mobile device management rules  
BeyondCorp Alliance partner integrations  

* Feature set requires enabling advanced mobile management.

Mobile app management

  Cloud Identity Free Cloud Identity Premium
Fundamental endpoint management
Public and private app management (Android)
Advanced endpoint management*
Public app management (iOS)  
Android app runtime permissions  
Selectively distribute mobile apps to users  
Publish private Android web apps  
Managed Android app settings configurations  
Enterprise endpoint management*
Private iOS app management  

* Feature set requires enabling advanced mobile management.

Device details

  Cloud Identity Free Cloud Identity Premium
Fundamental endpoint management
Basic device details (mobile)
Basic endpoint details
(computer & smart home devices)
Basic device reports (ChromeOS & mobile)
Advanced endpoint management*
Advanced device reports (mobile)   
Enterprise endpoint management*
Device log events  

* Feature set requires enabling advanced mobile management.

Directory

  Cloud Identity Free Cloud Identity Premium
Basic directory management
Organizational units & groups Unlimited  Unlimited
User lifecycle management ✔ *
Manage groups for your organization
Groups for Business
Google Cloud Directory Sync
(Synchronize Active Directory & LDAP directories with Google)
Admin roles & privileges
Google Admin app for Android
Google Admin app for iOS
Automate tasks with Apps Script & APIs
Secure LDAP: Connect LDAP-based apps & services  

* Cloud Identity Free increases your user cap by 50. To learn more, go to Your Cloud Identity free edition user cap.

Security & data protection

  Cloud Identity Free Cloud Identity Premium
2-Step Verification
Security keys for 2-Step Verification
Password monitoring & strength control
Collaboration with trusted external domains
Self-service password recovery
Set session length for Google Cloud services
Data exports
Data loss prevention (DLP)   ✔*
Control access based on user & device context (Context-Aware Access)  
Set session length for Google services  
Security center: Security dashboard   ✔**
Security center: Security investigation tool   **
Security center: Security health page   **

* DLP for Drive is available to Cloud Identity Premium users who are also licensed for Google Workspace editions that include Drive log events.

** Some Security center features are not available in Cloud Identity Premium. For example, data related to Gmail and Google Drive.

3rd-party app integration

 

Cloud Identity Free

Cloud Identity Premium
Set up SSO using Google as an IdP to access third-party SAML apps
Set up SSO using Google as an IdP to access custom SAML apps
Set up SSO using a third-party IdP with Google as a service provider
Automated user provisioning  

Reports & log events

 

Cloud Identity Free

Cloud Identity Premium
Admin log events
User log events
User reports: Security
SAML log events
Groups log events
OAuth log events
Apps reports
User reports: Accounts
Device log events  
Automatically export log events to BigQuery  

Drive and Docs editors

 

Cloud Identity Free

Cloud Identity Premium
Drive sharing permissions
Google Drive for desktop
Connected Sheets
Advanced Drive auditing and reports (Drive audit log)
Turn Docs creation on or off
Shared drives Viewer only* Viewer only*
Smart chip data extraction  
Drive inventory export  

* They can comment on and edit files that are directly shared with them from shared drives.

Chrome browser

  Cloud Identity Free

Cloud Identity Premium

User policies & reporting
Chrome sync


Google, Google Workspace, and related marks and logos are trademarks of Google LLC. All other company and product names are trademarks of the companies with which they are associated.

Was this helpful?

How can we improve it?
Search
Clear search
Close search
Google apps
Main menu
335533061101007998
true
Search Help Center
true
true
true
false
false