SAML is an unfortunate necessity in most enterprise environments. There’s almost always something, usually more than one, where SAML is the only option. I do think in 2024, everyone should also offer SAML alternatives in parallel.
Sure, but that would arise because you've followed the advice in the article.
If you're a relying party, and you want to integrate with Okta, Google, other OIDC-supporting IdPs … implement OIDC!
If you're on the RP side and you have to integrate with an IdP that only speaks SAML and not OIDC, well, then you're probably out of luck and just have to make the call: is it worth the business? Maybe it is. Then you implement SAML.