[Eduard]

Self-hosted Gitlab instances also can act as authentication services.

Connecting git with an internal AD/LDAP allows for not requiring Azure AD.

[jmathai]

This isn’t a solution for enterprises, however.

[eastbound]

For juniors: Enterprises and even small startups need to comply with their industry’s security certification (PCI, ISO, whatever) which requires traceability of logins (and central revocation when employees quit and provably complex passwords and inability to retry 100 times, etc.)

[pdimitar]

I'd love to read more about it. Got any links?

[guoqi]

Here has one related post: API Security with OIDC by using Apache APISIX and Microsoft Azure AD

https://dev.to/apisix/api-security-with-oidc-by-using-apache...

[mutt2016]

If it's just SSO, I have many good things to say about keycloak.