because SSO is implemented using various protocols like SAML, OAuth 2.0, and OIDC, each with different use cases, data formats, and security models. Identity providers also have custom implementations, which lead to variations in endpoints, token formats, and user info structures, making a universal API flow difficult to standardize.