by mdtusz 1361 days ago
I'm sure many will disagree, but just implement it yourself if you're an SP.

If you're using a common web framework, there are almost certainly packages/plugins that will manage SSO and 2FA, and despite the constant FUD, dealing with user accounts really isn't all that hard. More importantly, understanding the mechanics of your user account system will pay dividends as your product grows and new authN/Z requirements arise.

1 comments

Apologies that my question wasn't clear enough. I am building a remote company and we use a ton of products. I'd like centralized authentication + SSO + ability to enforce YubiKeys for AWS, Jira Cloud, Bitbucket, and a ton of others that Okta supports for SSO.

Azure Active Directory manages this well. If your company uses Office 365, it's likely you already are using this under the hood.

(Disclaimer: I’m an Okta employee)

Okta works really well in your use case. I recommend trying it out yourself.

Since you mention YubiKeys, I’d also suggest that you try removing passwords from your setup entirely by using YubiKeys and one or more other factors.

If you don’t want to use Okta, I’m also happy to give you my take on the alternatives to consider. Feel free to reach out to me directly.