Perhaps you can limit the support of OAuth authentication for APIs only for those organizations with SSO enabled, so you don't have to select an OAuth provider yourselves.

Or maybe add a configuration panel to the organization so we can add our own OAuth authentication provider.