Federated Identity increases the security of your Zuplo API by removing the need
to share sensitive service account keys with your Zuplo API. Instead, Zuplo will
use the Zuplo Identity Token to authenticate with Google Cloud Services on your
behalf.

A new policy has been added to Zuplo that enables
[Federated Identity](https://cloud.google.com/iam/docs/workload-identity-federation)
with Google Cloud Services. By utilizing this policy developers can secure their
GCP API or other Google Cloud Resources (Storage, Pub/Sub, etc.) with GCP IAM
and allow Zuplo to call these services on their behalf.

Federated Identity with GCP is available as a paid-addon to customers on
enterprise plans. Contact your account manager or
[sales@zuplo.com](mailto:sales@zuplo.com) to inquire about pricing.

For more information on how to configure Federated Identity with GCP, see the
[Federated Identity with GCP documentation](https://zuplo.com/docs/policies/upstream-gcp-federated-auth-inbound).