tptacek 2 days ago

This pops up on HN about once a year, and it's worth calling out that the SSO tax has mostly nothing to do with technology or with support costs and mostly everything to do with market segmentation. One of the clearest segmentation signals you get is that bigger, less price-sensitive customers all require SSO (because their SOC2 attestations require it).

You can get irritated about pricing systems that soak price-insensitive customers, but remember that the big price-insensitive customers pay for the price-sensitive customers, which is why this kind of segmentation is practically universal.

Previously, on this, from me:

https://news.ycombinator.com/item?id=29892664

Aurornis 2 days ago | parent | next [-]

> but remember that the big price-insensitive customers pay for the price-sensitive customers

The fallacy is thinking that the alternative is for everyone to pay the lower price and get the enterprise features.

In reality, without market segmentation a singular price for everyone would fall much closer to the enterprise price than the non-enterprise price.

You can call it an SSO tax, but it would be equally correct to refer to the lower price as the non-corporate discount.

mr_toad 2 days ago | parent | next [-]

> In reality, without market segmentation a singular price for everyone would fall much closer to the enterprise price than the non-enterprise price.

That totally depends on the relative elasticity of supply and demand.

It’s not very intuitive, but price discrimination (usually) results in too much demand for a good/service and a deadweight loss of consumer surplus. In the worst case scenario all consumer surplus can be arrogated to the producer, and an extreme oversupply of the product. Imagine a cheap drug that could be sold for whatever amount of money the consumer had available.

foota 2 days ago | parent | next [-]

Price discrimination allows producers to capture consumer surplus from consumers with a greater WTP than the otherwise price, and to offer the product at a lower price to those with a lower WTP.

In a monopoly, this means that the quantity supplied may be greater, but it would still be no greater than under perfect competition (necessarily so since the monopolist would never offer the product at a lower price than their MC, which is where price would be under PC). You can see this because there is no consumer that would buy under price discrimination that wouldn't buy under PC, and everyone with a WTP greater than MC buys either way.

Anyway, I agree that price discrimination results in the producer capturing more consumer surplus, but it can potentially be beneficial for those with a lower WTP in return for hurting those with a higher WTP.

mercutio2 2 days ago | parent | prev [-]

There are many arguments I've heard about price discrimination being annoying, but deadweight loss is not one of them. Quite the opposite, fixed prices in the presence of undeserved pricing power results in a less than socially optimal amount of production, and price discrimination tends to reduce that.

To say nothing of the implicit argument that software service providers have undeserved pricing power; I think that's begging the question, but it's not really relevant to my quibble here.

cj 2 days ago | parent | prev [-]

Are you saying companies should provide a discount for not using SSO?

Or charge everyone the enterprise price to remove segmentation altogether?

Edit: I think I see what you’re saying. Although you’d likely welcome the same criticism if you refer to it as the non-corporate discount.

YetAnotherNick 2 days ago | parent | next [-]

> Although you’d likely welcome the same criticism if you refer to it as the non-corporate discount.

Why? E.g. no one questions student discounts.

j45 2 days ago | parent | next [-]

Nor do they question non-profit discounts, or even startup discounts.

cj 2 days ago | parent | prev [-]

I’m not saying it’s a bad idea.

Only saying it won’t satisfy the people who don’t like the “SSO tax”.

There’s no difference between giving someone a discount vs. charging them less in the first place without a discount.

It’s semantics. It wouldn’t actually change what people end up paying at the end of the day. It’s just framed as a discount instead of an upsell.

Like if an airline charged first class prices, but gave a “discount” for accepting an economy seat. (Same thing, just framed differently.)

rexer 2 days ago | parent [-]

Framing is everything, though. See complaints around Tesla pricing for the same battery hardware with different software.

TylerE 2 days ago | parent | prev [-]

Why not? Just like some companies offer discount plans that come with no/very limited tech support, and others charge 10 or 20x for the same product bundled with a high level of support.

wkat4242 2 days ago | parent [-]

Most of the big players like Microsoft charge enterprise customers for support on top of everything else. And this "premium support" still sucks. Microsoft outsources to Accenture who then outsource again to some random dopey small companies in the Middle East, so you get calls in the middle of the night from Qatar by someone who has no more knowledge than what the docs say. Which you've already read yourself, otherwise you wouldn't have gone through the hassle of logging a ticket. Because outsourcing causes barriers between the people who built the thing and the people who support it.

In most of these cases we either give up because the support is so useless, or someone high up calls Microsoft and gets the case escalated away from Accenture to someone in Microsoft who actually knows something.

Personally if I were a CIO I would really be pissed at having to pay for this kind of "support". But yeah these guys rub shoulders with Microsoft all the time who tell them it's all amazing.

mooreds 2 days ago | parent | prev | next [-]

I like Patio11's characterization[0]:

> The right way to think of the "SSO tax" (where companies charge extra for security features) is "You are being offered a dual use product backed by a strong engineering team for far less than it would otherwise cost, with sophisticated enterprises picking up the slack."

That said, TLS/SSL used to be the preserve of the enterprise too (or at least the ecommerce site).

There are lots of free options, including 3rd party servers and libraries. I'm hoping eventually SSO will be, if not in free versions, at least not isolated to enterprise plans.

0: https://x.com/patio11/status/1481293027331440640

maxwellg 2 days ago | parent [-]

Many "softer" forms of SSO have trickled down too. Google + Microsoft OAuth are ubiquitous today without any upcharge. OAuth from a Google Workspace account managed by an IT admin has many of the same security guarantees as SAML or OIDC from a Google Workspace account, at least for a small player. There are some sketches like https://easie.dev/ that explore this further.

jedberg 2 days ago | parent | prev | next [-]

> and it's worth calling out that the SSO tax has mostly nothing to do with technology or with support costs

I'm surprised this is at the top. My experience, and the experience of nearly all the commenters below, is that SSO is by far the biggest support burden they have.

SSO costs extra because it costs extra to support it. Market segmentation is a nice side effect though.

tptacek 2 days ago | parent | next [-]

I support SSO as well, and have in previous roles, and support costs did not drive SSO pricing.

One way you can see this is the case is that there are stiff SSO taxes from some vendors who don't even do custom SSO, just OIDC.

The major identity support cost is 2FA, because people constantly lose it, and you need to design and manage an account recovery process.

haswell 2 days ago | parent | next [-]

To add an anecdote from the other perspective, I was the PM for the authn/z capabilities of a big enterprise platform.

SSO was one of the greatest support burdens due to the numerous protocols we supported and the vast array of sometimes bizarre, often complex auth environments across the customer base.

The biggest hidden cost came from the complete lack of consistency in auth implementations from 3rd party vendors, i.e. it wasn’t enough to implement the SAML/OIDC/etc specs, because many of the systems our customers wanted to connect with had not implemented to spec.

This is all prior to dealing with 2FA which was definitely another major factor.

tptacek 2 days ago | parent | next [-]

If you just supported OIDC, you'd still have upcharged for it, at least unless you had an ideological reason not to (we don't, for ideological reasons, but I sort of rue that decision).

haswell 2 days ago | parent [-]

I realize in retrospect my comment was probably confusing as written.

The company didn’t charge extra for SSO despite the support cost, also for ideological reasons. But they were also singularly focused on large enterprise customers so it was table stakes. Plenty of other platform modules to upsell.

My point was mostly to highlight that it can be costly for a bunch of reasons.

Too a day ago | parent | prev [-]

But with SSO you can offload all the 2FA handling to the IdP.

haswell a day ago | parent [-]

Most customers did. But due to a wide variety of customer types and various hybrid auth environments, we had to support 2FA directly in-platform as well.

There were also privilege elevation scenarios to consider, e.g. to access highly sensitive data, the current authenticated user must enter a 2nd factor to continue.

Marsymars 2 days ago | parent | prev | next [-]

> The major identity support cost is 2FA, because people constantly lose it, and you need to design and manage an account recovery process.

Some of this is self-inflicted, e.g. a few of my banks only support 2FA via their own apps, so while I'd never lose my TOTP code, it's a hassle every time I lose my phone. (Or it breaks, is stolen, etc.)

Aeolun 2 days ago | parent | prev [-]

But for enterprise SSO they get to handle all that right? That’s a pure win for your support burden.

tptacek 2 days ago | parent [-]

Yes, that's my point.

akanet 2 days ago | parent | prev | next [-]

I ran a company that did price segmentation on SSO, and it's the other way around. The burden of supporting the buggy piece of crap that is SAML SSO is the cost of the privilege of being able to perform such sharp segmentation.

jedberg 2 days ago | parent [-]

Except the segmentation isn't all that sharp. With Google domains et al almost everyone wants SSO now, even the smallest of companies.

tptacek 2 days ago | parent [-]

It's not that small companies don't want it, it's that they're capable of not getting it. Larger companies aren't: one thing their SOC2 auditors will actually be able to evaluate is whether all their vendors do SSO.

behringer 2 days ago | parent | prev | next [-]

It's segmented even in OSS software to the point where it's the first thing I have to check when deciding what software is going to run on my home server.

erazor42 2 days ago | parent | prev [-]

Agree, I have implemented a few providers and every time they implemented their own interpretation of the spec. In the end you end up checking each provider to make sure everything works as expected.

vosper 2 days ago | parent | prev | next [-]

> mostly nothing to do with technology or with support costs

Support costs aren't zero though. I work for a company with a lot of corporate customers and we get loads of SSO support tickets. People are always misreading the docs, (mis)configuring things against our recommendations, migrating systems, merging systems (due to acquisition etc)...

andy99 2 days ago | parent | prev | next [-]

Also, enterprise customers are way more work, the sales cycle is longer, the compliance and onboarding stuff takes more time. There's a very legitimate case for building that into one's pricing, and it's really the same reason these companies appear price insensitive. If they had people lining up to give them a better price, they'd presumably take it.

limagnolia 2 days ago | parent | prev | next [-]

I run a very small business, SSO is still very high up on my feature priority list, and I have passed on software/services I would have otherwise used for competitors that offered SSO at a lower entry-point.

magicalhippo 2 days ago | parent [-]

We have Github Enterprise licenses for all our developers. All 7 of them.

Similar with other services.

Just because of SSO, as we don't have the manpower to handle the compliance stuff our customers demand otherwise.

ryanisnan 2 days ago | parent | prev | next [-]

Can you clarify, are you suggesting that the bills footed by large orgs that require SSO are paying the bills for these features?

0cf8612b2e1e 2 days ago | parent | next [-]

I think the implication is that without a few whale customers, the minimum price would be significantly higher for everyone. The SSO whales subsidize everyone else.

bryanrasmussen 2 days ago | parent [-]

I sort of feel that the way most software pricing works is that it is the big customers who pay for features in everything and the small customers get brought along for the ride, in short I think it's the same as SSO for basically all functionality.

mikepurvis 2 days ago | parent | prev | next [-]

I expect like any industry, most SaaS operations are floated by a smaller number of whale customers, and everyone else is running a lot closer to (or at) break even in terms of cost, but serve as advertising, testing, and vendor-validation that allows that next whale to pull the trigger.

jaggederest 2 days ago | parent | prev | next [-]

It's true both in the micro sense ("We wouldn't have developed the headache that is SSO without a cornerstone customer demanding it and paying $XXXk"), and in the macro sense ("Our business would not be a going concern without the significant revenue provided by enterprise customers")

ryanisnan 2 days ago | parent [-]

Interesting. I wouldn't have thought that running an SSO integration is that painful. I've done it before, albeit for a single enterprise client, and while annoying at first, after delivery was just like another feature.

jaggederest 2 days ago | parent [-]

The real issue is not the first one, the issue is the 2nd and 3rd, and 10th, will all have some minor idiosyncrasy. There are other posts in this thread that discuss it more in depth - I have only enough personal experience to know that this particular stove is hot.

trollied 2 days ago | parent | prev [-]

Yes, your 2 seat small business isn't paying the bills.

raxxorraxor 2 days ago | parent | prev | next [-]

I don't think SOC2 specifically demands SSO and just encourages it. Probably good, since such security mandates often age badly, even such a broad concept like SSO could fall victim. And there is always that one tool that isn't integrated, ironically inhouse software often neglects it.

But otherwise I believe you are very on point. Although from a developer perspective perhaps it should be segmented the other way around. If I can outsource to identity providers, I have delegated a lot of risk and work. And while the initial implementation might be a bit more cumbersome, in the long run it certainly is less development intensive than providing a complete user management interface. And maintenance for a few keys is easier than user management, even if you still have to do some of that.

Perhaps not using SSO should be marketed as some privacy focused benefit, which is more expensive.

tptacek 2 days ago | parent [-]

It doesn't specifically demand it, but (1) SSO is the simplest way to knock out a huge swath of control objectives, and (2) once you attest to a control like SSO, it's extremely annoying to pull that back. If you hire security/compliance/engineering management to take you through SOC2 and they don't set up and attest to SSO, they're bad at their job.

3acctforcom 2 days ago | parent | prev | next [-]

Security is an optional feature? You must be a sales executive...

mixmastamyk 2 days ago | parent [-]

SSO doesn't add security, it enables bulk management of accounts. Which only affects security in an indirect way.

raxxorraxor 2 days ago | parent | next [-]

Technically it doesn't add security, but I think the recommendation for SSO stems from the reality that people's behavior gets worse if they have to maintain more accounts. And if they use the same password, the least secure system affects the others in a classical setup.

basch a day ago | parent | prev [-]

The human side of security, the one that's more often breached.

hackitup7 2 days ago | parent | prev | next [-]

Thank you for adding some sanity to this discussion – this is ultimately a matter of economics, and the R&D effort to add and maintain these features is not trivial.

sparrish 2 days ago | parent [-]

I think you missed the point. The cost isn't so much in R&D, it's in support. Users struggle with SSO and so we get tickets; techs answering tickets costs money.

raxxorraxor 2 days ago | parent [-]

On the other hand you have dev time that needs to save user passwords in a secure way. And this is the part of software that requires maintenance and updates.

Sure, other software needs that too. Some enterprises use their own identity provider and I would prefer that as well. Usually that is probably some Windows LDAP database that can easily be integrated, but there are a lot of other solutions as well.

croes 2 days ago | parent | prev | next [-]

So the price insensitive get the security the price sensitive can’t afford.

That’s the same logic some use to explain why university fees have to exist as opposed to being tax funded, because otherwise the poorer would finance the education of the wealthy, totally ignoring that higher costs are the barrier that makes it less likely that the poorer can study in the first place.

tptacek 2 days ago | parent [-]

You can moralize it all you want. All I'm saying is: the alternative to the SSO tax isn't that everyone gets the features they want at the price they want: it's that the price of the low-end product goes up and the price of the high-end product goes down. If you care about distributional effects, that seems like a step backwards.

croes 18 hours ago | parent [-]

That's not necessarily true. You make it sound like there are only two groups: big enterprises with SSO and small ones without, but there are also those small ones who need SSO and can't afford it.

So the overall revenue and profit could be higher if they offered SSO at the same price as without.

tptacek 18 hours ago | parent [-]

If that were the case, they'd do that.

croes 18 hours ago | parent [-]

People and companies are less rational than you think.

ghostpepper 2 days ago | parent | prev | next [-]

Shouldn't every new company be using SSO for everything in 2025 and beyond? How long before this no longer becomes a good signal?

themafia 2 days ago | parent | prev | next [-]

> but remember that the big price-insensitive customers pay for the price-sensitive customers

You mean they more than make up for the loss of those customers? What is the underlying cost on the service? Isn't the profit margin here absolutely absurd since the underlying cost to the vendor is basically zero once their implementation is written?

basch a day ago | parent | prev | next [-]

I hate this argument. The local PTA or kids sports league or boutique needs SSO as much or more than an enterprise. These may be organizations without an IT department at all, handed down from family to family, where they are transferring a database of gmail passwords. I know gsuite and office365 have free tiers for charity, but the amount of small businesses with a gmail address is staggering.

SSO should be a feature for the family as well. A parent should be able to pull up a dashboard and see where all their family gmail accounts are authorized to use as a login from one screen without scrolling.

The overall sentiment that SSO creates a support burden is true, but a separate problem that should also be fixed. It _shouldn't_ be complicated for a small team with ten accounts to control group login information, revoke access, lock accounts.

tptacek a day ago | parent [-]

As someone who does a lot of local organizing, I really don't think getting SSO set up in this level of organization is a thing that happens enough to impact pricing decisions at Atlassian. Even if SSO was completely free everywhere, most of these kinds of places would still just be using a single shared account with a shared password.

Stuff costs money! That's really all there is to the analysis. You can demand that companies not price-segregate customers, but then all you're really saying is that there's no account that the local PTA can afford, because you're demanding that vendors raise prices on the low end and drop them for customers like Apple and Ford.

mathattack 2 days ago | parent | prev | next [-]

Yes - it's an enterprise versus SMB distinction that doesn't require asking questions like "What's your revenue?" in the qualification. Enterprises need it. SMBs don't.

Spooky23 2 days ago | parent | prev | next [-]

I’d take it a step further and say it helps the customer filter vendors too small to be worth the trouble.

At work, I can’t afford free.

cubefox 2 days ago | parent | prev | next [-]

Similar reason why there is a big price difference between DVDs and Blu-rays, and why DVDs still exist in the first place.

RedShift1 2 days ago | parent [-]

They still make new DVDs?

TylerE 2 days ago | parent | next [-]

And they still outsell Blu-ray.

It’s mostly lots and lots of kids tv. Kids don’t know what 480p means and parents just want discs that are cheaper and more resistant to damage.

bombcar 2 days ago | parent [-]

Exactly this - and sometimes they don't even bother with two SKUs and give you both in the same container for the DVD price.

A surprising percentage of the population cannot tell a DVD from a Blu-ray in motion at home, especially if their TV does upscaling.

TylerE 2 days ago | parent [-]

Of course physical media as a whole is still way down. Streaming outearns physical by a lot. All physical media is less than half what just Blu-ray was 10 years ago.

cubefox 2 days ago | parent | prev [-]

Yes, so they can cover the price sensitive customers, and charge a higher price for Blu-rays for the quality sensitive customers.

agoodusername63 2 days ago | parent | prev | next [-]

This is how I've come to accept it too.

And honestly when I really really want SSO anyway, I can bolt on vouch proxy for free.

benmccann 2 days ago | parent [-]

Wouldn't vouch proxy only work with self hosted apps? How would you use it with a SaaS app?

sunshowers 2 days ago | parent | prev | next [-]

What are your normative views on this topic?

tptacek 2 days ago | parent [-]

That there's nothing magic about security to exempt it from economics.

sunshowers 2 days ago | parent [-]

That's not a normative view (the hint is the "there's" which is a contraction of "there is"). A normative view would use the word should or ought.

tptacek 2 days ago | parent [-]

Pretty sure I meant what I said.

https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...

drdeca 2 days ago | parent | prev [-]

Do you mean that you don't have a normative view on it, or that the thing you said was a normative view, or something else?

tptacek 2 days ago | parent [-]

If you want to fit the word "should" in there somewhere, you can. I think SSO is important, and it would be one of the first 3 things I would stand up at any new shop I went to, but I can think of more important security things that nobody really thinks should be equally distributed across companies.

sunshowers 2 days ago | parent [-]

Okay:

"That there should be nothing magic about security to exempt it from economics."

I disagree quite strongly with this! I think a reasonable premium for SSO support costs is fine but severe price discrimination/bundling based on security features is unethical. That is because security issues have large externalities on uninvolved parties.

tptacek 2 days ago | parent [-]

That's not the fault of the vendor, it's the fault of the customer who refuses to pay for what the vendor charges. You couldn't argue that it would be "unethical" for Atlassian to charge $1000/seat; you'd just say it was too expensive. Somehow though, when you bundle security into that, you don't look at it and say "customers should not use the cheap-o account type and should pay what Atlassian is actually charging for this service, or use a different provider" --- no, they blame Atlassian.

No, not valid. It's Atlassian's customer that's on the hook for securing their offerings to their customers. Atlassian is holding up its end of the bargain. If you don't like it, don't take them up on it! I don't!

sunshowers a day ago | parent [-]

I think as the B2B customer you ought to do right by your users. But as the B2B vendor you have a responsibility to guide your customers towards making better choices. If your SSO plan costs $1000 a month and that's the "true" cost, your non-SSO plan should cost $900 a month to make it unviable for your customers to try and make the bad choice.

This is all normative.

tptacek a day ago | parent [-]

What's a "true cost"?

sunshowers a day ago | parent [-]

I mean what the vendor actually wants to make the customer pay based on their internal margins. If the intention is to make customers pay $1000 a month, don't price a non-SSO tier at $150 a month.

Just my opinion.

tptacek a day ago | parent [-]

So far as I know, no software in the world is cost-plus priced.

sunshowers a day ago | parent [-]

I'm not saying software should be cost plus priced. I'm saying that non-SSO shouldn't have an unreasonable discount.

zoeysmithe 2 days ago | parent | prev | next [-]

I think this is overly complimentary to big business and what's essentially predatory pricing.

The reality is you can't just carve out one feature and say "we pay for this." I mean that's true of a lot of things. The big revenue generators pay for a lot of things, but how things are billed is important. Remember, not too long ago people paid for Netscape, but now it's laughable to pay for a browser. It's arbitrary to have this 'buffet' mentality and seems purposely shaming towards people who rightfully complain about ridiculous pricing structures like this.

I'm also skeptical that SSO costs vendors money. Maintaining and supporting an authentication database is a huge expense. For every SSO client, it's one less Adobe or whatever account that needs to be hosted. Less helpdesk tickets about password resets, etc. SSO tends to be once and done. Hosting millions of accounts and being the sign-on provider for them is not 'once and done.'

Lastly, a lot of orgs don't do this. A lot aren't SOC2. That means they'll just use whatever account the vendor supplies, and most likely without MFA, but their SSO would have provided that, thus making everyone more vulnerable. This is a great example of how exec salaries and stock buybacks and other things have priority over security, because security is seen as a cost-center and without litigation or law, stuff like this becomes the norm. Oh, and now there's one more source of passwords out there and another potential hack.

This is just greed and predatory. It's not the wonderful largesse of big companies. In fact, it's quite the opposite.

Analemma_ 2 days ago | parent | next [-]

> I'm also skeptical that SSO costs vendors money

Sane SSO from clients with clean setups doesn’t cost vendors much money. But take it from someone who has done this work: that’s rarely the case for the megacorps who want SSO integration. They tend to have horrifying AD/OAuth monstrosities, with back-compat requirements that will break your mind and sysadmins of questionable competence. These require lots of bespoke code and lots of meetings— meaning, lots of man-hours that senior ICs are not spending on product— to get right.

That’s where a lot of the money for SSO is going, and you can’t exactly say “the price depends on how shit your backend is”, so it has to be enough to prepare for the worst.

viraptor 2 days ago | parent | prev | next [-]

> Less helpdesk tickets about password resets, etc.

Pretty much everyone knows the password reset flow these days. Even if they do manage to lose access to everything somehow, the process to restore is mostly standard. On the other hand, SSO issues are long, annoying, and involve engineers rather than first level support. Source: my weeks long support tickets with Okta.

skywhopper 2 days ago | parent | prev | next [-]

Sure sounds like you haven’t done SSO operations for a large SaaS provider. Because it’s much, much more support and engineering work to integrate every random SSO provider, each with wildly customized differences for each customer, all totally opaque to the application provider, versus just having a single unified login system that your support staff has necessary visibility into.

medlazik 2 days ago | parent | prev [-]

Small orgs don't need to be SOC2 to have client contracts that require SSO. This is absolute fucking evil behavior and this page shouldn't exist anymore in 2025.

maxrmk 2 days ago | parent | next [-]

Evil feels strong? Small companies benefit from having the basic feature set subsidized by big cos. It's kind of hard for me to imagine a scenario where pricing of a SaaS product could be _evil_. You can just choose not to do business with them!

akavi 2 days ago | parent | prev [-]

It's evil to sell a product for a price higher than you, personally, want to pay?