This is an automated archive made by the Lemmit Bot.

The original was posted on /r/opensource by /u/mathiasnx on 2023-11-29 15:03:12.


Ever heard of the SSO Tax? In short, it’s a tactic where software vendors bully security-conscious companies to upgrade to costly enterprise plans. They do this by gating SSO (Single Sign-On) features behind their priciest options, causing companies to pay up to 70 times their standard rates.

As a former CTO at a security-conscious company, I’ve faced the tough choice of skipping costly enterprise upgrades, even when SSO was crucial.

Take a look at Notion: to access SSO, they casually double their standard pricing.

Imagine buying a Tesla and being charged extra to unlock full braking power. That’s what SSO Tax is - vendors exploiting a built-in feature, essential for security, to extract excessive fees.

So, why initiate a new project?

Rob Chahin’s work on sso.tax initially highlighted this issue. However, the site’s updates dwindled, and data became outdated. Despite offering assistance, I received no response, leading to the creation of . While there has been a short spike of activity post-fork, it has already stopped again. That’s what we’ve seen often in the last few years. Instead, I want to give the topic the attention it deserves.

In addition to integrating all pending PRs and enriching the data, I’ve introduced a new feature: “Friends of SSO”. We should not only call out unfair practices but also praise vendors who are committed to security!

Furthermore, I’d love to raise awareness about vendor practices by utilizing Twitter and LinkedIn to publicly praise or critique them. The goal is to get attention for the topic, ideally sparking conversation with the vendors involved.

What are your thoughts on getting rid of the SSO Tax? Excited to hear your ideas!