Re-think your SSO strategy or get left in the Stone Age

April 15, 2022

By Dr. Canming Jiang, founder and CEO of Datawiza

A CEO recently told me his company can’t take their solution upmarket without the stronger authentication and single sign-on (SSO) capabilities that Fortune 500 companies need.

Adapting to the wide array of new identity platforms and tools that customers are requesting, he explained, requires too much precious developer time, risking a slower pace of innovation and forcing
uncomfortable conversations about pricing models that the market may consider exploitive. (Check
out the SSO Wall of Shame, a list of vendors that one GitHub member believes are overcharging for
SSO capabilities.)

I challenged the CEO: he needs to be three steps ahead of customers. Just as no one would
think of building an HTTP website today when HTTPS is standard, he needs to deliver Burger King-style
“have it your way” SSO and other access and provisioning capabilities now because these are
going to be table stakes before long.

Login freedom is a must.

Let’s back up a bit. Security risks abound, so implementing the security your customers need can’t be
an option, even if they’re not explicitly asking for it today. One thing automotive CEOs Elon Musk
and James Farley agree on: Powerful, responsive automotive braking systems are not optional. I
believe that we are at this same place now with respect to SSO, and we will be there sooner than
you think with tomorrow’s security protocols.

Companies are adopting any number of modern identity platforms – such as Okta, Azure AD and
Google – to increase security, enable SSO and multi-factor authentication (MFA), offer better and
more productive user experiences and provide visibility into user activity. The complexity of
optimizing SaaS software to run in any cloud and support any IAM platform has opened the door to
what I believe borders on predatory pricing. Customers should not have to pay double or even triple the
standard price for B2B SSO integration because the market has not settled on one IAM winner yet,
and it’s too costly to incrementally support what individual customers are using.

Breaches are unfortunately all too common. So whether your customer is a manufacturer, school
district or government agency, they either have – or will soon have – a tool to identify and set access
privileges for employees, partners, and customers. From the perspective of your sales team,
supporting all possible SSO options today is a dream. Doing so is one less detail that can knock your
solution out of the qualification process. I would go so far as to say that it should be part of any
minimum viable solution.

However, the challenge doesn’t stop at SSO. Companies are constantly looking for new ways to
make it easier and safer for users and customers to access applications, which may involve a mix of
strategies. The latest trend is social logins.

Zoom is a great example of this, and it’s becoming a must-have feature of B2B applications. As a vendor, you don’t have a crystal ball to see what’s next
– and the last thing you want to do is sink costs into constantly responding to the latest access
management strategy.

But then again, can you afford not to if your competitors are doing it?

The cost and pricing predicament.

One rosy way to get around the challenge of evolving login strategies is to charge premium fees for
SSO and whatever comes next. Mature SaaS vendors can better afford the development costs –
including headcount for a couple of extra security experts. And many larger enterprises are more
than willing to pay those premium fees because verifying access is essential for security and tools
like SSO deliver a more acceptable user experience.

It’s a legitimate approach, but how long until this falls out of favor? Are you pricing yourself out of
customers who don’t want to pay the SSO tax? Will hiring development and security resources cut
into your already razor-thin margins?

Is “have-it-your-way” SSO a realistic mantra?

What is not supporting a range of SSO options costing you? The flip side of that coin: how much
does it really cost to support each identity platform? Clearly some vendors on the SSO Wall of
Shame are price gouging, while others are passing on legitimate costs.

The CEO and others I’ve talked to told me it takes several months to integrate the first identity
platform, and it can still take a month or more to integrate each additional platform even after the
team is experienced. (SDKs and APIs from IAM platforms are not as magical as some of us would
like to believe.) And then there is the cycle of constant maintenance and fixes. This is a huge cost
and an endless distraction for developers who should be focused on the critical product roadmap.
These costs can be passed on in some way to customers. In my view, the market should decide
SSO pricing, and vendors that can justify charging exorbitant premium fees for SSO have every right
to do so.

But innovation doesn’t always come from those with the deepest pockets, and not every SaaS
vendor can throw more bodies at “have-it-your-way SSO,” providing the capability for free or for a
minimal additional fee. There are always tradeoffs, but as an industry, we need to think about
whether trading off our own software innovation for something that will soon be table stakes is good
for our customers.

The key to driving SSO-for-all is adopting an innovative no-code strategy that eliminates the need for
one-off development, enabling support for any identity platform with just a few clicks and all the
required security already built-in. Ideally, wouldn’t it be great if your customer support team could
enable the SSO flavor your customer needs, leaving developers to work on the next big thing?

The world is going no-code for a reason. Business users, accustomed to the simplicity of
consumer-based SaaS applications, will no longer tolerate cumbersome Stone Age enterprise software.
No-code platforms are the key to delivering modern applications faster. Who hasn’t heard of Webflow,
Squarespace or Shopify for DIY website building tools? And tools abound for other development
areas, such as mobile apps and online courses.

To continue leading our markets, B2B SaaS vendors must support every possible login strategy that
customers want – username/password, SSO, social login, passwordless, and any other secure and
user-friendly strategy that comes along. Think of it as comprehensive connectivity for your
customers. Gartner has a name for this market: Customer Identity and Access Management (CIAM).
It’s where the industry is going.

Dr. Canming Jiang is founder and CEO of Datawiza
