This topic describes the commercial release, editions, and billing rules of Identity as a Service (IDaaS) Employee Identity and Access Management (EIAM) V2.0.
Editions
The following editions of IDaaS EIAM V2.0 are available:
Free Edition: You can use a variety of identity management features free of charge to meet basic identity management requirements. For example, you can synchronize Active Directory (AD) accounts to DingTalk and use single sign-on (SSO) to log on to Alibaba Cloud. The Free Edition has no limit on the number of accounts in an instance.
Enterprise Edition: IDaaS Enterprise Edition provides powerful and secure identity management capabilities to connect identity information and application information. This ensures identity security.
Feature | Free Edition | Enterprise Edition |
Synchronization of accounts and organizations from identity providers (IdPs) such as DingTalk, AD, and Lightweight Directory Access Protocol (LDAP) to IDaaS. | Supported | Supported |
Synchronization of accounts and organizations from IDaaS to DingTalk. | Supported | Supported |
Synchronization of accounts and organizations from IDaaS to IdPs such as AD and LDAP. | Not supported | Supported |
Features such as SSO, account synchronization, and API operations for pre-integrated applications. | Supported for some applications | Supported |
Features such as SSO, account synchronization, and API operations for standard and self-managed applications. | Not supported | Supported |
Logon features such as Short Message Service (SMS) verification codes, DingTalk QR codes, and AD delegated authentication. | Supported | Supported |
Two-factor authentication by using one-time passwords (OTPs), SMS verification codes, or email verification codes. You can enable two-factor authentication on every logon or allow IDaaS to determine whether to enable two-factor authentication. | Supported | Supported |
Basic security features such as password complexity requirements and weak password detection. | Supported | Supported |
Advanced security features such as password initialization, requirements to regularly change passwords, password history, and reset of forgotten passwords. | Not supported | Supported |
Permissions on applications granted to accounts, organizations, and groups. | Supported | Supported |
Query of management, user, and synchronization logs. This period is not the log retention period. | You can query logs in the last seven days. | You can query logs in the last year. |
Personalization features such as icons, names, SMS templates, and email templates. | Not supported | Supported |
Dedicated endpoints. | Not supported | You must purchase a dedicated endpoint before you use the dedicated endpoint. |
Some free and upcoming features are not described in the preceding table.
After an Enterprise Edition instance expires, the instance is automatically downgraded to a Free Edition instance. The data of the instance is not deleted after the instance is downgraded. You can upgrade the instance to an Enterprise Edition instance to continue using the paid features.
Billing of IDaaS Enterprise Edition
IDaaS EIAM V2.0 supports the subscription billing method. You are charged based on the number of accounts in your instance. You can enjoy a lower unit price if you have more accounts in your instance.
The prices that are displayed on the buy page prevail. If you have questions, contact technical support in the DingTalk group (ID 33328593).
Billing of dedicated endpoints
Dedicated endpoints allow you to synchronize AD and LDAP data and enable delegated authentication without enabling public ports. You can also connect your instance to the Internet over a dedicated public IP address. For more information, see Endpoints.
You can purchase a dedicated endpoint quota when you upgrade an IDaaS instance from the Free Edition to the Enterprise Edition or upgrade the specifications of an Enterprise Edition instance. The price of a dedicated endpoint is 30% of the total fee for the number of accounts in an Enterprise Edition instance.
If an Enterprise Edition instance is released, the instance is downgraded to a Free Edition instance. In this case, the dedicated endpoint of the Enterprise Edition instance becomes unavailable. The dedicated endpoint is automatically deleted one day after the Enterprise Edition instance is released. Resources and data cannot be restored after the dedicated endpoint is deleted.