I'm completely new to EpiServer however I would like to start to evaluate what options around Single Sign On are available?
I'm keen to offer my internal users (line of business) authors and admins a Single Sign On experience via SAML (specifically using OKTA), and managing their roles via claims approach perhaps via SAML2.
For the consumption side of the experience I also have a need to offer Single Sign On however I'm considering AzureAD here since we have multiple other Saas like applications in our estate.
You can check out the basics of federated security (SSO) here for Episerver
Since Episerver 10 uses owin and .NET identity out of the box, it can be implemented pretty cleanly now. SSO is always a bit tricky to get right though with all the configurations so feel free to add some extra time on time estimations (just a tip). It looks easier than it is...