If you are doing enterprise software I think you’ll find OIDC support less important - I don’t think most enterprise IdPs support it.
If you want one target: you’ll want SAML to federate against ADFS. That gets you going with an open standard and targeting one of the most common IdPs.
Yep, and I'll add that my experience at UNC was stellar, where we allowed users to self-service AD via Grouper[0] and then Ping sourced information from there. It was integrated with AWS IAM and several other services, too.