In this talk, we present our S&P'25 paper, exploring the brokered SSO ecosystem and its security. This new flow introduces a broker that mediates interactions between websites and Identity Providers. We uncovered 249 brokers and found 50 vulnerable.