What Google provided authentication source can be used in lieu of Google Workforce Identity Federation?
- Google Cloud Identity
- One Time Passwords from Android Phones
- GMail Accounts
- Google Project IAM
Explanation:
Instead of Google Workforce Identity Federation, you can use Cloud Identity or Google Workspace managed accounts to authenticate users and grant them access to Google Cloud resources. These managed accounts are controlled by the organization and can be used with Cloud IAM for access control. Alternatively, you can configure Workforce Identity Federation with a third-party identity provider (IdP) like Okta or Azure AD.
Here’s a more detailed breakdown:
-
Cloud Identity and Google Workspace:These Google products allow you to create and manage user accounts within your organization. These accounts can be used to authenticate users to Google Cloud and grant them access to resources through Cloud IAM.
-
Third-party IdPs with Workforce Identity Federation:Google’s Workforce Identity Federation allows you to integrate with third-party IdPs that support OpenID Connect (OIDC) or SAML 2.0. This enables users authenticated by those IdPs to access Google Cloud resources. Examples of supported IdPs include Okta, Azure AD, and Active Directory Federation Services (AD FS).