A fintech that can't pay $14 per user? How many employees do you have? "hours per quarter" but it's not worth the money? Where's the problem? Either you spend the money on a few hours of work for an intern or you fork over SSO money.
SSO isn't a tax. You either need a single method to disable an account across all providers instantly and enforce password policies globally, or you don't. Do the risk vs reward math and then put the line item in your budget. Get a discount or use a reseller to avoid retail.
It'll be that price multiplied by how many SaaS tools you use, each of which will have some premium for their Enterprise plan supporting SSO, and typically they won't be transparent about what the price is or how to sign up for it, so you'll then have to go through the steps of negotiating an enterprise plan. Spending a few minutes to figure out their API sounds more fun
It’s really a cost/time to market comparison between the SaaS and you just using SharePoint or managing some substitute. If you’re proposing to drop $80 u/m for Airtable, there better be a tight business case.
I would argue that any company with 3 or more employees needs an SSO.
Back in the day SAML was the only game in town, SSO was an enterprise feature. Nowadays with oAuth/OIDC, this is a no brainer and you can get a basic setup going with plain Google Workplace (Gsuite/Gapps/...) without the need for anything else.
Yet SSO keeps being bundled in the premium feature list of most of the SaaS products out there, costing 10x to 100x more per user.
14$ sounds pity, but when you take it in the equation of "price per slot * total slots * products * 12 months", you can get to some serious numbers even for a small 10 people company.
Notice I said "slots". That's because the nasty trick lots of SaaS do nowadays to boost their profits. They will auto provision a slot when a new user onboards, but when that user account gets removed (with or without SSO), they will keep charging you for the slot until an admin goes and reduces the slot amount by 1. This is something that AccessOWL can help with, I suppose.
Indeed, that became a bad practice... Zoom, Calendly just to name a few do that. That's so stupid and just not customer-friendly at all. Whenever I see this, I start searching for an alternative...
But there are also role models in the market like Slack that prorate even based on days after a user was deactivated. And they even remove users from billing when there were inactive for a longer period. Very kind :-)
If it's one tool, it's not a problem. If it's every tool, it becomes a problem quickly. I had a tool that moved from 300/month to 2,000 a month just for SSO (for our needs.) Launchdarkly is just not usable due to the additional price for SSO.
It's absolutely a tax if it's the only feature you need.
SSO isn't a tax. You either need a single method to disable an account across all providers instantly and enforce password policies globally, or you don't. Do the risk vs reward math and then put the line item in your budget. Get a discount or use a reseller to avoid retail.