I keep wondering why is the pricing of this, auth0 etc so high, is this mostly for the employees and smaller groups? I can't see paying $6/mo/user to manage users for a non-enterprise SaaS offering.
When you have N employees, with people coming in and out all the time, something like this becomes essential. My previous employer used 70+ SaaS apps. Every role needed a different subset of them, ways of restricting access, and to roll them out for onboarding and eliminate access when off boarding. It means that people only need their password to Okta + a single 2FA and that’s it, and corporate rules can be put in place for that login. Even then people forget their password all the time. Imagine the chaos across all 70 SaaS products without something like this!
This exactly. Hard to grasp how much this kind of offering helps until you've had to single handedly do IT for a medium sized (or larger) org that uses a SaaS product for every distinct need.
This is for companies to manage their own employees and other corporate access. OneLogin is a similar product, or you can use G-Suite or Office 365 if you already have that.
Auth0's main product is for managing public user access to your app. AWS Cognito, Google Firebase Auth, Azure AD B2C are all options that are affordable and even free depending on your scale.
*Auth0 and Okta actually do both public app and corporate user management, so it's not as simple when comparing them but you can research their sites for more info.
This is not a tool to for service providers to manage users for an SaaS offering, it's a tool for organizations to manage users for (ideally) the entire suite of SaaS offerings plus devices (including BYOD) used by the organization, across vendors, including internal apps.
Not really. Corporate identity management does much more around fine-grained access, automatic (de)provisioning, syncing data, device management, compliance and reporting, etc.
Of course it can also just authenticate users, but that's a tiny part of the functionality which is why it is so much more expensive.
I think part of the pricing strategy might be to get people to just sign up for Google for Work. They might be getting all these other apps for "free" for the same price as signing up for the authentication.
Otherwise, from what I can tell, it seems a bit high. I might be missing something since it is not my field.
The standalone identity offering is a “Premium Edition” offering that is usable with or without GCP or GSuite but also is an upgrade over the “Free Edition” available to GSuite and GCP admins that allows creating managed identities for users that don't need GCP licenses.
It's so bizarre there must be some mistake. Does this do significantly more than AWS Cognito which free for the first 50k users? https://aws.amazon.com/cognito/
This price point doesn't make sense outside of the niche SaaS offerings that can charge in the thousands per month.
You're seeing Cognito User Pool pricing. Cognito User Pools is basically having AWS host your user / password / details database for an app you're building. It takes care of some details like verifying e-mail addresses / phone numbers and integrates with Cogito Federated Identities, which makes it easy for your app to (for example) allow login via Google, Facebook, or an account they create (which is stored in that user pool).
This Google service looks more comparable to Okta or auth0. That is like if you're a sysadmin at a big company and you want one place where your users can be authenticated, which can then allow access to all of the web apps you use (Dropbox, Salesforce, Gmail, etc.).
EDIT: And to tie them together a little:
If you were building a web app using Cognito, you could likely add a federated identity via Okta, auth0, or this Google service, which would then allow your users to log in directly to your service through that without having to create / manage an account separately.
> This price point doesn't make sense outside of the niche SaaS offerings that can charge in the thousands per month.
It's not for SaaS offerings at all, it's for organizations like employers, and the purpose is to manage identity for employee devices (including BYOD) and multiple SaaS products (ideally, all of the SaaS products used by the org, though obviously not all existing SaaS offering support it yet.)
This is an upgraded version of the identity management (even for users beyond those with GCP licenses) included with GSuite, though it can be used independently of GSuite.
