• @[email protected]
      link
      fedilink
      English
      3310 months ago

      I’m honestly baffled this is a thing (but appreciate learning the condemning phrasing of “SSO Tax”).

      We implemented federated auth support for Entra, ADFS, and OIDC straight out the gate in our project. It’s just a base platform feature, regardless of tier. Charging for it would be like charging for MFA/2FA. I mean, it’s great for us. I’d prefer if everyone used the feature. What the utter fuck are some vendors thinking?

      • Shadow
        link
        fedilink
        English
        1810 months ago

        Tell me about it. Github goes from $4 to $21 per user per month, and the only feature I want is sso.

      • @[email protected]
        link
        fedilink
        English
        1310 months ago

        I suspect it’s a cost/capability/requirements thing.

        The larger the corporation, the more likely they’re going to have SSO as a minimum requirement. The more inflexible your customers are, the more you can charge.

        • @[email protected]
          link
          fedilink
          English
          310 months ago

          That’s more or less it.

          For example, I’ve got somewhere around 700 users. If we don’t have SSO (SAML preferred, oauth as a fall back, and good whiskey is required for ldap/ad) whatever your attempting to buy won’t pass review. Now Timmy the sales drone knows that, and so does their leadership - hence the SSO tax.

        • @[email protected]
          link
          fedilink
          English
          010 months ago

          Entra’s free tier offers federated / SSO so basically every company with an MS license (which is an overwhelming majority, in my experience) can do SSO if they wanted to.

    • @scarabic
      link
      English
      -310 months ago

      This very thread shows how SSO is a security feature and has value. They’re charging for something that has value. Thats a price, not a tax.