You’re right that there are situations where it might be best to roll your own solution, but they should be the exception and not the norm.

Providers such as Azure AD and Auth0 allow injecting custom claims in the authorization flow, either executing custom logic on the auth server itself, or by retrieving claims from an external source, etc.

For example, I have built an open source project, Hereditas, which leverages the Auth0 runtime to perform custom logic during the authentication flow.

The companies that offer identity services as an enterprise-grade service (e.g. Azure AD, Okta, Auth0, etc) do not claim ownership on your data, and make it clear your data is yours and you can get it exported on-demand (often with their own automated tools). They also provide contractual guarantees that limit their ability to shut down without long notice.

The likelihood of Google or Microsoft shutting down their identity platform in the foreseeable future is almost zero, given how foundational the identity platform is to all of their products (e.g. they are a core component of Office365 and Google Apps).