There is a shift underway in education technology that a lot of firms are not interpreting correctly yet. They still think the market is about software access. They still think the problem to solve is how to get a user into all the apps. They still think the center of gravity is the login. It is not.
The center is moving. It is moving away from access and toward orchestration.
That means the strategic question is no longer, “How does the teacher, student, or administrator get into all the software?” The real question now is, “How does the work get done across all the systems, at the right time, with the right people, under the right permissions, without the user having to manually traverse a jungle of apps?”[1]
That is a much bigger question. It changes the role of single sign-on. It changes the architecture of platforms. It changes what schools will buy for next. And yes, it means even the SSO firms ought to be nervous.
SSO Solved the Last Problem
Single sign-on was a smart answer to a very real problem. Schools accumulated way too many applications—learning management systems, student information systems, assessment products, communication platforms, libraries, content tools, intervention tools, niche curriculum products, and a running stream of free teacher finds. SSO helped reduce some of the pain. It cut password fatigue. It simplified at least part of the user experience. It made the app explosion slightly more bearable.[2]
But let’s be honest about what SSO actually did. It made it easier to enter the app stack. It did not fix the stack itself. It did not solve fragmentation. It did not solve duplication. It did not solve the fact that teachers and students were still expected to hop from destination to destination, each with a different interface, workflow, data structure, and record logic. SSO was a bridge over a mess. It was not a redesign of the mess.[2]
Now orchestration is on the scene, and orchestration is not interested in preserving the old design assumptions.
Orchestration Is Not a Feature; It Is a New Control Layer
When people hear the word orchestration, some think it means integration, workflow, or automation. It is all of those, but it is also more. Orchestration is the emergence of a control layer that can understand intent, evaluate timing, pull from multiple systems, trigger actions, move records, notify people, form groups, adjust schedules, and coordinate outcomes across what used to be siloed applications.[1][3]
That is a profound shift for education because schools are not just content environments. They are time environments. They are calendars, staffing constraints, intervention windows, groupings, pathways, course arcs, accommodations, attendance realities, and accountability timelines. Once AI-driven orchestration starts operating against time, learning records, and communications all at once, the old “log into your apps” model starts to look painfully primitive.
This is where the market is headed. The user no longer wants to launch six things. The user increasingly expects one environment to know what needs to happen next and to make it happen.[1][4]
The App Stack Is Already Under Pressure
And here is the part the SSO firms, app vendors, and even district leaders really need to sit with: the pressure to thin out the overstock of siloed apps is not theoretical. It is already underway.[5]
Districts are now under budget strain, privacy strain, cybersecurity strain, staffing strain, and program strain. They are staring at forests of overlapping products and asking a brutally practical question: Why do we have all this? In 2024–25, districts accessed an average of 2,982 distinct edtech tools annually, up nearly 9 percent year over year. In the prior year, the average was already 2,739 tools. Lightspeed’s 2024 analysis similarly found districts using a median of 2,055 apps, while 95 percent of student app engagement came from fewer than five percent of total applications—in that report, just 97 apps accounted for 95 percent of engagement.[5][6]
Just stop there for a second.
If nearly all the engagement is concentrated in a tiny share of the tools, what exactly is the rest of the ecosystem doing besides costing money, increasing security exposure, complicating privacy management, bloating procurement, and overwhelming oversight? Add to that the fact that over 65 percent of applications had at least one data privacy policy change during the year, and the app sprawl problem stops looking like innovation and starts looking like operational drag.[6]
This is why the conversations in district IT and administration are changing. Teachers may still be “apptastic” in practice—living amid a swirl of tools, tabs, launches, and habitual digital scavenging—but the district and cabinet level are increasingly trying to skinny down the stack, centralize control, reduce overlap, and cut costs.[5][6] That is not anti-innovation. It is survival.
Teachers Still Live in the App Carnival
The irony is that classroom practice does not change overnight. Teachers still work in a highly fragmented reality. Even when districts formalize and approve fewer tools, educators still operate in a culture where dozens of applications can touch instruction across a year. In the 2024–25 school year, educators used an average of 50 tools annually, up slightly from 49 the year before. Students used 48.[5] In the middle grades, students routinely interacted with more than 70 applications in a year in some reports.[6]
So yes, from the human point of view, schooling still feels deeply “apptastic.” But that is exactly why orchestration becomes so powerful. Orchestration does not ask the human to become a better juggler. It changes the environment so the juggling matters less.
The future is not better circus skills inside app overload. The future is a central layer that says: here is your next action, here is the right resource, here is the right time, here is the right group, here is the record trail, and here is the communication that needs to go out.[1][3]
That is not SSO. That is a different category.
This Is Where SSO Gets Demoted
Let me be very clear: identity is not going away. Authentication is not going away. Authorization is not going away. In fact, in a K–12 market under constant cyber pressure, they become even more important.[7]
But classic SSO as the visible strategic layer? That is where the demotion begins.
In an orchestrated environment, users will still be authenticated somewhere. But they will increasingly stop experiencing the world as “I log in and then go from app to app.” Instead, they will operate inside a persistent shell, bubble, copilot, work surface, or hub that knows who they are, what role they are in, what they are trying to do, what time is available, what permissions apply, and what systems need to be acted on.[1][3][4]
That changes everything.
SSO moves down into the plumbing. It remains necessary, but it loses the starring role.
And when technology moves from strategic differentiator to background utility, the companies built around it either evolve—or they become invisible.
The Next Identity Market Is Not Human Login
There is another reason SSO companies should be nervous: the next identity market is not just about the human user at all.
As AI orchestration rises, agents themselves become actors. They do things. They schedule. They route. They draft. They recommend. They trigger. They may even group students, initiate outreach, flag risk, or update administrative processes. Once that starts happening, the identity problem changes from “How do I log the person in?” to “Who or what took this action, under what authority, with what scope, and with what audit trail?”[3][4]
That is not a minor extension of SSO. That is a major redefinition of identity architecture.
Microsoft has already signaled this direction by extending identity thinking toward AI agents, while broader authentication trends are rapidly normalizing passkeys, short-lived delegated tokens, and credential-based trust claims as part of the future stack.[3][4] Meanwhile, verifiable credential models are making it increasingly plausible that systems will trust asserted facts—role, completion, authorization, status, affiliation, eligibility—without relying so heavily on the older model of endless account-by-account, app-by-app dependence.[4]
In other words, the market is shifting from: identity → access → app
to: identity → intent → orchestration → action
If an SSO firm does not understand that, it may still exist five years from now, but it will no longer define the market conversation.
In Education, Time Will Beat Access
If there is one idea the industry still underestimates, it is this: in schools, time matters more than access.
Access only gets you into the software. Time determines whether anything actually happens.
Can three students be regrouped tomorrow at 10:15? Can a tutoring block be moved to avoid conflict? Can a learner who fell behind be rebalanced without creating overload? Can instruction, intervention, staffing, family communications, and record updates happen in sync? Can the digital environment operate around the actual flow of the school day rather than forcing humans to patch across apps? That is where orchestration wins.[1][7]
And once districts begin buying for those outcomes, the value conversation changes. They stop asking only whether a product integrates and single-signs-on nicely. They start asking whether it contributes to central orchestration, reduces app redundancy, preserves security, manages claims and permissions coherently, and cuts operational waste.[5][8]
That is a much tougher market for SSO firms if all they have is a better launchpad.
My Prediction
Here is my prediction.
Within the next three to five years, the leading-edge conversation in education technology will shift decisively away from SSO as a strategic centerpiece and toward orchestration as the core architecture question.
SSO will remain present, especially in K–12 environments with complex legacy stacks, but it will increasingly function as infrastructure rather than innovation.[1][3][5]
At the same time, districts will continue slimming their app ecosystems, not because digital tools are disappearing, but because there is growing evidence that the sheer volume of tools is wasteful, duplicative, and increasingly unaffordable.[5][6] Administrators and IT leaders will push for central visibility, central policy, central timing control, and central action surfaces. Teachers will still have app habits for a while. But the buying priorities will move upward.
By the early 2030s, “single sign-on” may still exist technically, but as a category label it will feel dated—an answer from the era when software was a pile of destinations rather than an orchestrated operating layer around the user.[3][4]
The Real Question for SSO Firms
So the question is not whether SSO disappears. It doesn’t.
The question is whether the SSO firms will remain content being useful plumbing, or whether they will move up into the new trust-and-orchestration fabric.
Can they handle agent identity? Can they govern delegated action? Can they support portable claims and verifiable status? Can they become event-aware and policy-aware? Can they insert themselves into a future where the work is being done across systems by humans and machines together, not merely by humans clicking through a stack of vendor tabs?[3][4]
That is the real market test now.
Orchestration is here. It is not a side feature. It is not a convenience layer. It is not just automation with a prettier name.
It is the next architecture.
And once that is understood, it becomes obvious why even the SSO firms should be nervous.
Endnotes / Source Notes
[1] Microsoft and industry coverage on agentic AI and orchestration in education point to systems moving from simple assistance toward multi-step, cross-system action, including domain-specific agents and workflow orchestration. [microsoft.com], [8allocate.com], [teachfloor.com]
[2] Federal K–12 cybersecurity guidance and education sector analysis show how schools remain heavily dependent on fragmented digital systems and access layers, helping explain why SSO became such a practical solution in the application era. [cisa.gov], [ed.gov], [k12dive.com]
[3] Microsoft Entra updates and broader authentication trend analysis show the rise of AI-agent identity, passkeys, OAuth-based agent authorization, and the extension of Zero Trust principles beyond human users. [learn.microsoft.com], [clerk.com], [4sysops.com]
[4] Microsoft Entra Verified ID and related identity developments point toward verifiable claims, delegated trust, portable credentials, and more invisible—but more sophisticated—identity infrastructure. [microsoft.com], [learn.microsoft.com], [clerk.com]
[5] LearnPlatform by Instructure’s 2024–25 and 2023–24 reporting shows districts used an average of 2,982 tools in 2024–25 and 2,739 in 2023–24, while district leaders increasingly push for fewer, more effective tools and more centralized ecosystems under budget pressure. Educators used about 50 tools annually in 2024–25. [instructure.com], [instructure.com], [eschoolnews.com]
[6] Lightspeed Systems’ 2024 EdTech App Report found a median of 2,055 apps per district, with 95% of student app engagement concentrated in fewer than 5% of applications—specifically 97 apps in that dataset—and over 65% of apps changing privacy policies during the year. [k12techpro.com], [lightspeed...ystems.com]
[7] CISA, the U.S. Department of Education, and CoSN all continue to emphasize cybersecurity, identity protection, and data privacy as top K–12 priorities, reinforcing that the future is not less control but more sophisticated and more centrally managed control. [cisa.gov], [ed.gov], [cosn.org]
[8] District consolidation examples and sector reporting show active efforts to cut redundancy, reduce approvals, and centralize the edtech ecosystem—for example, Oklahoma City Public Schools reportedly shrinking its inventory from about 1,800 apps to 250 approved apps, and district leaders explicitly pursuing consolidation as ESSER-era budgets tighten. [edsurge.com], [edtechmagazine.com]
