SSO tax, cut
Back in 2023, we introduced Pricing v3. At the time, we made the decision to separate Single Sign-On (SSO) identity providers into two categories: standard identity providers (free-to-use identity services) that could be used on all Tailscale pricing plans, and advanced identity providers (paid-for identity services) which could only be used with our Personal, Premium, and Enterprise pricing tiers.
A few weeks ago, we quietly removed this language from our website, making Tailscale usable with any OIDC-compliant SSO identity provider on any plan.
Almost a year to the date after we made the initial decision, SSO is once again available for free for everyone. The number of users affected by this change is relatively small; most people on our paid tiers use premium features other than advanced identity providers, and most Starter users were comfortably using standard identity providers. But we made the move for reasons that were important to us, and understanding those reasons requires a little background in identity.
First, some context. Single Sign-On, known as SSO, centralizes user access management. It reduces the number of login credentials users have to maintain, which in turn reduces the number of credentials vulnerable to compromise. In addition, it allows organizations to enforce uniform security policies, such as mandating the use of 2-factor authentication and password strength. SSO makes it easier to grant and revoke access to applications quickly during onboarding, offboarding, and security incidents, and provides audit logs for users' access and use of applications.
/cdn.vox-cdn.com/uploads/chorus_asset/file/25362056/STK_414_AI_CHATBOT_R2_CVirginia_A.jpg)
