I am very new to the single sign-on options available to me. I currently have a requirement to secure multiple application sets within the same product family and have no idea where to start.
Some of the base requirements would be
You are confusing two seperate concepts viz:
ADFS only does the former. You need an Identity Manager (IM) to do the latter.
User should be able to authenticate once, and based on the credentials user would be redirected to the required application
I'll concentrate on the Microsoft world. ADFS and Azure AD can both do this. User --> application --> IDP - authenticates --> back to application
A central management console should be available for administrators to simplify role assignments as well as grant access to the various applications as required
IM functionality. AAD could do the group assignment but doesn't really have workflows. You can use "Active Directory Users Control" in Windows Server to manually edit AD attributes for use by ADFS.
Users can register for certain applications but certain sensitive applications require administrator approval before the user can successfully log in.
IM - needs workflows
This SSO should also secure an API with some sort of permission logic e.g. only supervisor roles can delete a record
This is both. ADFS 4.0 (Server 2016) can protect web API as can AAD. Deleting roles is IM as above.
Users should be able to register with OAuth providers such as Facebook, Twitter, Google & Windows live.
Microsoft has limited social interaction. You can add some social providers using AAD. I use Auth0 and federate as it has tons of social providers. Azure B2C may be of use here.
The SSO provider should be simple to implement into multitude of platforms such as Windows Apps, Web Apps, Mobile & services
For web apps, you can use SAML, WS-Fed, OpenID Connect & OAuth.
For Windows Apps, you can use OpenID Connect & OAuth.
For Mobile & services, you can use OpenID Connect & OAuth. (Note there are four flows to cater for different scenarios).
ADFS 4.0 (Server 2016) and AAD can support all the above.