[bb88]

As another commenter said, get an LLC in place, like now.

Also get a contract in place ASAP. You might have to take maybe some unfavorable terms (source code in escrow, insurance, etc...) to get money up front, but on the other hand the overall money could be more than worth it.

Also I would focus on integrating SSO with their company first, that way they can get it in the door and running on their network so you can get feedback ASAP. F500 companies are notoriously annoying on the security side of things running on their networks.

[sdevonoes]

> Also I would focus on integrating SSO with their company first, that way they can get it in the door and running on their network so you can get feedback ASAP.

Perhaps off-topic, but could you elaborate on how SSO allows them OP's Saas to run on THEIR network? I imagine SSO would just allow the company to log in to the OP's Saas using company's email address (or something similar)... but the Saas will still run on OP's network (the cloud?)

[bb88]

If you're running it on the customer's network, then SSO needs to be in the log in loop. (Customer hosted gitlab, e.g.)

If you're running it on the cloud, than the customer has to have an SSO exposed for your app's login to hit it. The reason SSO is important is that if people are terminated SSO can be updated instantly to reflect that and instantly remove access to critical data.