[Terretta]

We prefer one that doesn't try to store employee creds, and lets only current employees use the service seamlessly.

As a small business (< 100 devs), we happily allow SaaS tools but only if the tool supports OIDC ("Continue with" or "Sign in with" buttons) for a domain, or SAML (traditional SSO).

The OIDC/Oauth2 path is straightforward to implement then "no brainer" for new sign-ups (no SSO support nightmare). If tied together with a domain name match supports it is good enough for almost every U.S. small to mid business, from tens to thousands of employees, even regulated businesses.

Letting even a one person company control access to services the company uses is not "enterprise", it's just security matters 101.