As long as we still have a small team, we use Firebase Authentication which is also integrated with Google Cloud Identity Platform as our Identity Provider. The primary Google Cloud project for SSO is heartenly-prd, which is used for both customer identities and intranet identities. In the future, we plan to use Gluu for more flexibility.
Access Control and Permission Management
Since Firebase Auth / GCIP is only an identity provider, we still need an access control platform and uses ORY Keto which is powered by Open Policy Agent as the decision engine.