Interesting article, thanks for the link!
If a company uses its main domain in the same way GitLab does,
SSO is the only way to avoid security flaws.
We do not support SSO now, but implementing it is feasible.
Feel free to send us an email if you have a company IdP and you want to use Sametab.