The SSO Tax affects login convenience - users complain, and vendors respond. The SCIM Tax affects security, but only IT feels the pain. Vendors exploit this asymmetry.