SSO means: “I trust «other_site» to rely on ALL of my authentication and rely on it exclusively for this purpose.”
That other site could be anything - it could be your Corporate SSO site, it could be something horrible that trusts users completely, it could be a provider that requires an RSA key with certificates, heck it could even be (another) Discourse.
oauth2 means: “This is a login option for my site” such as Google oauth2.
If what you’re trying to do is this:
But if what you’re trying to do is this:
Then you need to write “SSO Provider” as Discourse doesn’t care what’s behind it.