by kuschku
835 days ago
For software to have secure authZ/authN, it should have robust 2FA mechanisms including WebAuthn, properly integrate with access tokens, and support scoped third-party access. Most software only offers simple username/password auth, or a paid SSO option as the only way to get 2FA working. And SSO makes it much easier to revoke access or change passwords if necessary. I'm running hundreds of services self-hosted just for myself and less than a handful of close friends. I'm using SSO for all of them. I had to patch SSO into countless services and I actively maintain forks with self-reimplemented enterprise features for almost half of them. I had to do similar changes to get S3 support, as I use the AGPL version of Minio as storage backend for everything so I only have to set up backups in a single place. The only reason one could try to argue that these are enterprise-only features is if you assume personal users have no need for 2FA or backups.