Canonical SSO provider

Comment 4 for bug 616255

I think the static version of the content is actually enough to mark this bug as "Won't fix" unless we want to add some optional 3rd party branding to the email content. Assigning to myself to check requirements with stakeholders.