I’m honestly baffled this is a thing (but appreciate learning the condemning phrasing of “SSO Tax”).
We implemented federated auth support for Entra, ADFS, and OIDC straight out the gate in our project. It’s just a base platform feature, regardless of tier. Charging for it would be like charging for MFA/2FA. I mean, it’s great for us. I’d prefer if everyone used the feature. What the utter fuck are some vendors thinking?
I suspect it’s a cost/capability/requirements thing.
The larger the corporation, the more likely they’re going to have SSO as a minimum requirement. The more inflexible your customers are, the more you can charge.
For example, I've got somewhere around 700 users. If we don't have SSO (SAML preferred, oauth as a fall back, and good whiskey is required for ldap/ad) whatever your attempting to buy won't pass review. Now Timmy the sales drone knows that, and so does their leadership - hence the SSO tax.
Entra’s free tier offers federated / SSO so basically every company with an MS license (which is an overwhelming majority, in my experience) can do SSO if they wanted to.