The idea of outsourced identity is just so contradictory it makes my blood pressure shoot up when people sincerely suggest it.
I'll make an exception for Office 365 / AAD when an organization has already got their userbase added, but after that I'd wager if an org is big enough to need their own federated authX, then they're big enough to deploy IdentityServer and be done with it.
Welcome to the future of the internet and web! Originally everyone was supposed to run their own servers and websites, but instead we have... The cloud?
Hardly surprising that it didn't stop with that, and today you can basically build an app on 100% rented hardware/software via services. So if we're already outsourcing everything else, why not identity?
That's a bad wager to make. In B2B it's not unusual for small, under-resourced companies to have big customers that all require an integration with their own identity solutions.
That’s my point: IdentityServer (for example) is what enables any org capable of running a website themselves to integrate with other OIDC-conformant identity solutions via federation without having to cede any control over their identity system.
A good business case is a where a company (or public department) outsources their identity system to a company that doesn't have a 24/7 emergency phone line and people can't login and it's a business emergency - but I recognize this scenario is the same as "outsourcing is cheaper than in-sourcing, but outsourcing with the same level of quality and service as in-sourcing costs more than in-sourcing". YMMV.
I have limited exposure. We use them at my place of work for 2fa for our VPN. And an organization we work with uses it for authentication.
But I haven't had to use them in anything I've developed.