https://notes.karlmcguinness.com/tags/enterprise-saas/Recent content in Enterprise SaaS on Control Plane by Karl McGuinnessHugoen-uspublic@karlmcguinness.com (Karl McGuinness)public@karlmcguinness.com (Karl McGuinness)Sun, 19 Apr 2026 20:05:00 -0700https://notes.karlmcguinness.com/notes/enterprise-saas-needs-oauth-federation-now/Sun, 19 Apr 2026 20:05:00 -0700public@karlmcguinness.com (Karl McGuinness)https://notes.karlmcguinness.com/notes/enterprise-saas-needs-oauth-federation-now/Enterprise SaaS still defaults to app-by-app OAuth islands with their own clients, long-lived artifacts, and revocation paths. The architectural shift is OAuth federation: adopt issuer-mediated federation now for services and workloads, and adopt Cross-App Access (XAA) as the standards direction for user-delegated cross-app access.