There is a quiet line item in B2B software pricing that nobody puts on the pricing page in plain words. It is the price of logging in safely.
Single sign-on, the feature that lets your team authenticate through Okta or Google or Entra instead of yet another password, is the baseline security control every IT and security team asks for. It is also the feature a surprising number of vendors hold back until you reach the most expensive plan they sell, or until you book a sales call.
We wanted to put real numbers on it. So we hand-checked the live pricing pages of 28 well-known B2B SaaS tools in June 2026 and recorded exactly which tier first unlocks SSO or SAML. The pattern is not subtle.
What we checked
This is not a survey and it is not scraped. We opened each vendor’s public pricing page, read the plan feature lists the way a buyer would, and recorded the lowest tier that includes SSO or SAML single sign-on. Where the pricing page was thin, we cross-checked the vendor’s own security or help documentation. Every figure here was verified on June 7, 2026. Our methodology covers how the review desk verifies pricing.
A tool counts as charging the “SSO tax” when SSO sits only on the single most expensive tier it sells, usually an Enterprise plan, and especially when that tier is custom-priced with no public number. A tool is in the clear when SSO is reachable on a lower paid plan, or free.
One wording trap worth flagging before the numbers. Several vendors list “SSO” on cheaper plans, but they mean social login, the Google or Microsoft “sign in with” button. That is not the same as SAML SSO wired to your company identity provider. Smartsheet is the cleanest example: a generic “single sign-on” shows up on its lower plans, but true SAML-based SSO is Enterprise-only. We scored on SAML, the thing security teams actually require.
The SSO tax wall
Here are the 16 tools that reserve SSO for their top tier. The pattern repeats: a reasonable entry price, then SSO parked one or more rungs up, often behind “contact sales.”
| Tool | Cheapest paid plan | Tier that unlocks SSO | SSO tier price |
|---|---|---|---|
| ClickUp | $7/user/mo | Enterprise | Custom (sales) |
| Make | $9/mo | Enterprise | Custom (sales) |
| Smartsheet | $9/user/mo | Enterprise (SAML) | Custom (sales) |
| Linear | $10/user/mo | Enterprise | Custom (sales) |
| Canva | $10/user/mo (Teams) | Enterprise | Custom (sales) |
| Asana | $10.99/user/mo | Enterprise | Custom (sales) |
| Grammarly | ~$12/user/mo (Pro) | Enterprise | Custom (sales) |
| Synthesia | $18/mo (Starter, annual) | Enterprise | Custom (sales) |
| Loom | $18/user/mo (Business) | Enterprise | Custom (sales) |
| Motion | $19/seat/mo | Enterprise | Custom (sales) |
| Descript | $24/mo | Enterprise | Custom (sales) |
| Writer | ~$29/seat/mo (Starter) | Enterprise | Custom (sales) |
| Coda | $30/Doc Maker/mo (Team) | Enterprise | Custom (sales) |
| Jasper | $59/mo (Pro) | Business | Custom (sales) |
| Fireflies.ai | $10/user/mo (Pro) | Enterprise | $39/user/mo |
| Bitwarden | $4/user/mo (Teams) | Enterprise | $6/user/mo |
Two of these deserve a fairer word. Fireflies.ai and Bitwarden at least publish the SSO tier price, and Bitwarden’s is a $2/user/mo step, not a cliff. Bitwarden is also open-source and self-hostable, which makes it the gentlest case on this list. The rest, twelve of sixteen, hide the SSO price behind a sales conversation entirely.
Who taxes SSO, and who does not
Sort the same tools by what they actually do for a living and the story sharpens. The vendors whose product is security or developer infrastructure almost always include SSO. The vendors selling productivity and AI almost always charge for it.
AI and content tools are the worst, by a distance. Eight of the nine we checked (89%) lock SSO to the top tier: Grammarly, Jasper, Writer, Synthesia, Descript, Canva, Loom and Fireflies. The category that has spent two years telling enterprises to trust it with their data treats the basic control for protecting that data as a premium upsell.
Productivity and operations tools sit in the middle at 54%. ClickUp, Asana, Linear, Make, Smartsheet, Motion and Coda tax it. Notion, Zapier, Figma and Hive do not, with Notion the standout: SAML SSO lands on its Business plan at $15/user/mo, a tier below Enterprise.
Security, identity and developer tools are the clean ones, 1 of 6. The single exception is Bitwarden, and as noted it is the mildest version there is.
The good actors
It does not have to work this way, and the proof is the vendors who give SSO away or price it like the table stake it is.
| Tool | SSO available from | Price |
|---|---|---|
| Cloudflare (Zero Trust) | Free plan | $0 (up to 50 users) |
| GitLab | Free (self-managed) | $0 self-managed |
| Slack | Pro (cheapest paid plan) | $8.75/user/mo |
| 1Password | Business (entry business plan) | $7.99/user/mo |
| Notion | Business (below Enterprise) | $15/user/mo |
| Cursor | Teams (below Enterprise) | $40/user/mo |
| Sentry | Business (below Enterprise) | $80/mo |
| Figma | Organization (below Enterprise) | $55/editor/mo |
Cloudflare is the cleanest of all: full SAML and OIDC integration on the free Zero Trust plan for up to 50 users. Slack puts real SAML SSO on its cheapest paid tier. GitLab hands self-managed customers SAML for nothing, and reserves it for Premium, never the top Ultimate tier, on its hosted plans. 1Password ships SSO unlock on its entry Business plan. These are not charities. They are companies that decided a login standard should not be a revenue lever.
A few of the others, Cursor, Sentry and Figma, technically clear the bar because SSO is not on their single top tier, but reaching it still means a real jump (Sentry triples from $26 to $80 to get there). Better than a tax. Not free.
Why SSO ends up on the enterprise tier
None of this is an accident, and most of it is not even framed as security pricing. It is packaging. SSO is the feature that signals “this buyer has an IT department and a procurement process,” so it gets used as the tripwire that moves a self-serve account into a sales-led contract.
The logic is clean for the vendor and ugly for everyone else. A 30-person startup that wants to put SSO in front of its tools is told the price is “Enterprise,” which often means a five-figure annual minimum and a call. The control that would most improve that startup’s security posture is the one sitting behind the highest paywall.
There is a reason the security community gave this a name years ago and started keeping public lists. Charging a steep premium for SSO does not just annoy buyers. It actively pushes smaller teams to run without it, which is the opposite of what a security feature is supposed to do.
The custom-pricing trap
The sharpest version of the SSO tax is not a high number. It is no number at all. Ten of the sixteen tools on our wall (ClickUp, Asana, Linear, Make, Smartsheet, Loom, Canva, Grammarly, Writer and Coda) put SSO on a custom-priced Enterprise tier with nothing published.
That does two things. It hides what SSO actually costs you until you are deep in a sales cycle, and it lets the vendor set the number based on what they think you can pay rather than a list price. You wanted to turn on a login standard. You ended up in a negotiation.
When a vendor will publish every other tier’s price but goes dark exactly at the tier that unlocks SSO, that is a deliberate choice about negotiating position, not a limitation of the pricing page.
What buyers should do
Price SSO before you sign, not after. When you compare two tools, do not compare their entry plans. Find the tier that actually includes SAML SSO on each, and compare those numbers. For a lot of the AI and productivity tools above, that tier is a different planet from the sticker.
Read the word, not the label. If a plan says “SSO,” check whether it means SAML wired to your identity provider or just a social login button. Smartsheet, and others, count on you not checking.
For any tool that hides SSO behind “contact sales,” ask for the SSO tier’s real number in writing on the first call, and ask why a login standard requires a negotiation. The answer tells you how the rest of the relationship will go. And where two tools are close, the one that includes SSO on a reachable plan is worth a real premium elsewhere, because you are buying out a future five-figure surprise.
Methodology
Sample: 28 well-known B2B SaaS products across AI and content, productivity and operations, and security, identity and developer categories. Tools were drawn from the Topickz review desk and chosen for name recognition and for having a published tier ladder to verify against.
Collection: for each tool we read the live public pricing page on June 7, 2026 and recorded the lowest tier that includes SSO or SAML single sign-on, cross-checking the vendor’s security or help documentation where the pricing page was ambiguous. We scored SAML SSO specifically, not generic social login, and we noted where the SSO tier is custom-priced.
Scoring: a tool charges the “SSO tax” when SSO is available only on its single most expensive tier. Two tools we examined (Vidyard and Copy.ai) did not publish enough to verify an SSO tier and were excluded rather than guessed. Self-hosted and SaaS editions can differ; where they do (GitLab, Bitwarden), we noted it.
This is original Topickz research. We will refresh it annually.
Cite this report
Free to reference with a link back to this page. Suggested credit: “Topickz SSO Tax Report 2026 (topickz.com/research/the-sso-tax-2026/).”
To embed the chart:
<a href="https://topickz.com/research/the-sso-tax-2026/">
<img src="https://topickz.com/images/research/sso-tax-by-software-type-2026.svg"
alt="Topickz SSO Tax by Software Type 2026" width="760">
</a>
<p>Source: <a href="https://topickz.com/research/the-sso-tax-2026/">Topickz SSO Tax Report 2026</a></p>
Related reading: best IAM and SSO platforms , The SaaS Pricing Cliff Report 2026 , and our review methodology .