Identity Management - bobbae/gcp GitHub Wiki

Google Cloud Identity enables users to sign into apps and authorize apps to use Google services.

https://cloud.google.com/identity/docs/overview

Identity-based security is a type of security that focuses on access to digital information or services based on the authenticated identity of an individual.


Account management, authentication and password management can be tricky. Account management is often a dark corner that is not a top priority for developers or product managers, and the resulting experience frequently falls short of what users expect for data security and usability. Follow the best practices to ensure you have a safe, scalable, usable account authentication system.

Google Cloud Identity Platform

https://cloud.google.com/identity-platform

Identity Platform is a customer identity and access management (CIAM) platform that helps organizations add identity and access management functionality to their applications, protect user accounts and scale.

Firebase authentication

https://firebase.google.com/products/auth

https://medium.com/@sundaresan0502/differences-between-google-identity-platform-gip-and-firebase-authentication-c8123243fe7

IDM

IDM (identity management) is a framework of policies and technologies that ensures the right users have the appropriate access to technology resources.

Some articles on Identity and Security

https://cloud.google.com/blog/products/identity-security

Multiple third party identity provider support

https://cloud.google.com/blog/products/identity-security/google-now-supports-multi-idp-sso-in-google-workspace-and-google-cloud

Operational security

Google administers a vulnerability management process that actively scans for security threats using a combination of commercially available and purpose-built in-house tools, intensive automated and manual penetration testing, quality assurance processes, software security reviews and external audits.

Federated Identity Management

OAuth

OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites without giving them their passwords. If you've ever signed up to a new application and agreed to let it automatically import contacts via Facebook or your phone's contact list, then you've likely used OAuth 2.0. This standard provides secure delegated access.

SAML

Security Assertion Markup Language (SAML) is an open standard for exchanging authentication and authorization data between parties, in particular between an identity provider (IdP) and a service provider. You have most likely experienced SAML authentication in the work environment. For example, it lets you log into your corporate intranet or IdP and then access numerous additional services, such as Salesforce, Box, or Workday, without having to re-enter your credentials.

OpenID

OpenID Connect allows clients of all types, including web-based, mobile, and JavaScript clients, to request and receive information about authenticated sessions and end users. The specification suite is extensible, allowing participants to use optional features such as encryption of identity data, discovery of OpenID Providers, and session management, when it makes sense for them. If you've used your Google account to sign in to applications like YouTube, or Facebook to log into an online shopping cart, then you're familiar with this authentication option. OpenID Connect is an open standard that organizations use to authenticate users.

Comparisons

https://www.okta.com/identity-101/whats-the-difference-between-oauth-openid-connect-and-saml/

Examples

Custom JWT roles with Cloud Identity

https://medium.com/google-cloud/adding-custom-roles-to-jwt-on-login-with-google-identity-platform-476cd15301d9