zlacker

Show HN: Skip the SSO Tax, access your user data with OSS
1. ThePhy+Gj 2023-04-11 14:19:43
>>mathia+(OP)
How does that solve the problem SSO typically solves? It seems you're trying to replace it by syncing users from different tools? That seems worse than SSO and is unlikely to be acceptable, as most security certifications require SSO as a best practice; manually syncing users from different tools won't cut it. Also, implementing SAML-based SSO from scratch isn't that difficult; I did it for our enterprise product and it's barely 500 lines of code. However, we had nice role-based access management in our tool already, so adding SSO was just a matter of mapping SSO data to our internal role models. That part is usually what causes most effort, i.e. fine-grained access control for different parts of your application; SSO just provides the identity and group management layer that you can use as a basis for that.

Apart from that, SSO is just a handy feature that non-Enterprise customers usually don't need while Enterprise customers do, so it's ideal for differentiating customers. That said, an Enterprise edition contains much more than SSO in many cases, e.g. audit logging, containerized deployments, extensive support, etc. That's what you pay for with an Enterprise offering; the SSO feature is just a small part of that.

2. fiddle+vr 2023-04-11 14:54:50
>>ThePhy+Gj
> SSO is just a handy feature that non-Enterprise customers usually don't need while Enterprise customers do

This isn’t true, IMO; most people just don’t realize there’s an alternative to one user account per service. We’ve convinced non-enterprise users to use an objectively bad solution of password managers because every SaaS service hides their SSO option behind enterprise pricing.

3. michae+kJ 2023-04-11 16:06:49
>>fiddle+vr
Eh, practically every service will let you 'log in with google' (or equivalent) for free if you're the sort of user who prefers that to a password manager.

SaaS companies want to charge a lower price to price-sensitive customers like bootstrapping startups, and a higher price to price-insensitive customers like big corporations; and they need some way to draw the line. And the moment you've got time to waste on things like SOC2 that drive you towards SSO - you are a price-insensitive organisation.

4. fiddle+IV1 2023-04-11 21:22:34
>>michae+kJ
It’s sort of funny to me that if you go back to the timeshare computer systems of the 70s, everyone took for granted that you logged into the “network” and then the access you had depended on the permissions your user had. Today, we log into our computers and then we spend lots of time every day juggling credentials for the third party services we use. And, to make it worse, companies expect you to use various SaaS apps for day-to-day life and then block (or the apps just don’t provide) all the means to automate repetitive tasks.