Here are a couple just based on my limited anecdotal observations. Some sites will redirect a user to the region/cluster their account resides externally rather than internally. There may be a mix of technical and/or regulatory requirements around this pattern. And to your point, some sites will retroactively snap in other authentication methods, redirecting to a different endpoint rather than retrofitting the logic internally on the destination servers. Sometimes this is a result of technical dept or prioritization of projects or spending. Sometimes this is a result of adding a turn-key solution that did not easily integrate with existing applications. I'm sure others here can add more reasons than I have seen.