...
If you’re asked to support it, what the person asking is really saying (imprecisely if not incorrectly) is that they want you to support federated login to your particular web service/platform, generally via SAML. They want you to let their users log into your services using their local credentials via their local login server instead of requiring a password issued by you or by Google or whatever solution you might be using.
Our “niche” is higher education, where there are large federations of universities and service providers that work together on the federated login problem using the SAML standard. Our software is not unique to that use case, nor to SAML, but that’s where we have mindshare so that’s usually the source of inquiries.
Supporting the SAML standard, whether in higher education or some other sector does not require using our software. It does mean deploying some kind of new software in your infrastructure/platform that changes how you do something very, very critical and so is not a simple task or something to do on a whim. You will need help from IT staff, either yours or from a third party. And you will have to change things. There are ways to support this feature with more or less “invasiveness” but there are no “zero-footprint” options.
Our software has pros and cons like any other way of doing anything. It takes research and experience to know how to find the right solution for any technical problem, and chances are if you’re very new to the issue, Shibboleth won’t be a great fit. We make complex software for complex needs and we assume a lot of knowledge up front, as is common with open source.
...