Can you explain more about how this works for SSO?

Let's say I'm trying to launch a product (which I am), and want to have SSO as part of the package (which I do), how do I implement what you just said?

I looked into SSO services and they're bloody expensive, so if I can cheaply do it myself, I will.

SSO is hairy enough that you can't write it from scratch in any reasonable amount of time for what a typical SaaS needs.

There's OSS SSO you can host yourself that supports enterprise : https://www.keycloak.org/

If you're B2C Firebase Auth is cheap, and doesn't actually require hosting on Firebase

I expected so, looking at how much it costs to provide just SSO as a service.

Thanks for keycloak, didn't know about that.

The comment about customers is possibly valid, the difference entirely your use case. If you consume services as a corp, and your goal is to be able to decouple any employee quickly, then you do not need SSO, assuming each service you use allows you the option to delete by username (with proper auth, ofc).

SSO is only needed when you want to give a customer federated access (ability to assign roles without activation on their part). For an internal corp it is largely unnecessary and a convenience thing not a security one (it is much more secure to require different passwords for every service versus a global SSO credential that gets you everywhere).

If your "customers" are your own employees, then this is your decision not a use case or a business requirement.