Sure. It's not a BeyondCorp product but a way to implement the BeyondCorp security model.
These are all separate pieces of architecture:
1) Corporate user database with access rights and permissions. This can be Google's G-Suite if you're already using it or this new Cloud Identity product.
2) Access to external corporate apps (like Salesforce) using OpenID or SAML connections with the above mentioned user system.
3) Access to internal or custom-built corporate apps (like a sales dashboard). You can use the APIs and build it into your app or use the IAP product to act as a smart firewall that will handle the authentication for you and just give your app a simple HTTP header with the user's name/email so you don't need to build any user auth in the app itself.
These are all separate pieces of architecture:
1) Corporate user database with access rights and permissions. This can be Google's G-Suite if you're already using it or this new Cloud Identity product.
2) Access to external corporate apps (like Salesforce) using OpenID or SAML connections with the above mentioned user system.
3) Access to internal or custom-built corporate apps (like a sales dashboard). You can use the APIs and build it into your app or use the IAP product to act as a smart firewall that will handle the authentication for you and just give your app a simple HTTP header with the user's name/email so you don't need to build any user auth in the app itself.