by jameskilton 723 days ago
Full disclosure: I work at WorkOS (https://workos.com/), we provide SSO (among other things) as a service.

I glanced through the report and it comes to the normal conclusion that SSO is hard and expensive to get right. Do SMBs focus on providing value to their customers in the problem space that they are experts at or do they spend months just getting sign-in working?

Yeah, I get the concern about the "SSO tax" but unfortunately SSO isn't free. Someone is paying for it somewhere, be that implementation, outsourcing to a service, and/or maintenance and customer support for the life of the product.

That said there are a lot more services and libraries out today that try to make this easier such as https://www.passportjs.org/ (which WorkOS sponsors).

2 comments

SMBs are the customers of products that offer SSO but only at the enterprise level. CISA is arguing that the enterprise level of the software SMBs need to operate is too expensive and thus SMBs don't end up buying a license tier that includes the ability to hook into their already existing SSO (likely Azure Entra ID or Google Workspaces, sometimes Okta).

The SMBs already have SSO, they just don't enable it for the SaaS products they buy because of the price.

We’re current users of WorkOS, for both the SSO and directory sync (which I love) features, but unfortunately the pricing means we have to charge our customers more for it. SSO+DS exceeds the cost of our base plan, leading us to having to look at other alternatives and move away eventually :(

Same here. As a SaaS provider to SMB, all the major auth vendors (Okta, Ping, WorkOS, etc.) are ludicrously overpriced and would require us to double our own pricing.

Except Entra ID for customers, which is fairly priced and has a magic “just works automatically for any M365 customer” feature. It is quite stupid and confusing in many other ways but at least it makes fiscal sense.