Not only SSO, but also two-factor authentication. Without asking for the user identifier first, you don't know which authentication method to present, because this varies per user account.
The alternative is to let the user choose the authentication method right on the first screen, but that would mean showing all possible methods (some of which may be limited to certain groups of accounts) and getting a lot of users stuck because they chose the wrong method.
The alternative is to let the user choose the authentication method right on the first screen, but that would mean showing all possible methods (some of which may be limited to certain groups of accounts) and getting a lot of users stuck because they chose the wrong method.