
Enhancing SaaS application security with SSO and MFA - cobano
http://frontegg.com/blog/enhancing-saas-application-security-with-sso-and-mfa
======
bearjaws
My only wish was that SAML wasn't such a pain in the ass. From the libraries
that support it to the poor tooling that can be used to test it.

It seems like the people tasked with managing identity providers don't
understand how to set them up properly, and there is too much flexibility in
the specification that lets people set up SSO in very different ways.

Our SaaS app added SAML SSO last year and it was a nightmare when we realized
all the little differences between everyone's IDP.

