I don’t things is much worse than OAuth itself. You just have to make a login with Google/Facebook/X button.
Also the thing about the URL won’t have much practical difference for the user. The reason is that a lot of the flows can redirect through different domains. For example, when I sign in with Google into a third party site, I often see a redirect through the YouTube domain.
So users are not expecting full fidelity to the domain.
Also the thing about the URL won’t have much practical difference for the user. The reason is that a lot of the flows can redirect through different domains. For example, when I sign in with Google into a third party site, I often see a redirect through the YouTube domain.
So users are not expecting full fidelity to the domain.