[aeyes]

It depends on the employee you target. If it is someone working on internal IT systems, chances are high that you gain pretty wide access after owning their SSO.

SSO can go down or get owned so having break glass credentials isn't unheard of. The last place I worked at had them on paper in a safe in their headquarters. The Twitter threads show that they were stored in a password manager but the hacker was able to find credentials to access it which could have been one of the responsiblities of the employee which was targeted.

If you have your password manager on SSO it will be even easier.