At PropelAuth, our goal is to make it as straightforward as possible for you to sign up new users and their teams. That means we provide both easy ways for your users to sign up and for those users to invite their coworkers to your product. PropelAuth hosts everything from the UIs to the APIs for your end users, and you can customize both the style of the page and the options you provide.
We recently added support for Microsoft SSO, as it's used worldwide by many teams.
Logging in with an SSO provider like Microsoft, Google, Github, etc. provides one of the lowest friction ways of signing up new users, but requires your users to have an account with one of those providers.
If you are implementing login via these providers, you likely aren't choosing just one, but will also want to provide other options. At PropelAuth, we provide login via SSO providers, via a passwordless magic link, or an email/password. All you have to do is provide us with a Client ID and Client Secret and we take care of the rest. We manage the callbacks from the providers and handle the OAuth flow with PKCE. All you have to do is use one of our frontend libraries which abstracts away all the details and provides you with a single user_id for logged in users, and org_id for the organizations they are a member of.
Our documentation also provides step-by-step instructions on exactly what to do to enable SSO support. PropelAuth also handles edge cases like automatically merging accounts and making sure you don't accidentally merge an account with an unverified email to a real account.