tl;dr:One of the pitfalls of building SSO and SCIM from scratch is the ongoing engineering investment required to scale your solution — supporting more IdPs, dealing with expiring SAML certificates, and standardizing onboarding fragmentation. And this is after spending 3-6 months to develop the initial solution for a handful of providers. When factoring in feature expansion (domain verification, JIT provisioning, custom-mapped attributes, IdP role assignment), which is different from work related to maintenance and scalability, the total cost of ownership multiplies significantly.