by noodlesUK 2003 days ago
Social login and SSO are generally implemented these days as OIDC (which is based on OAuth2). You can read the RFCs for it, and they pretty much explain the whole thing.

OAuth2: https://tools.ietf.org/html/rfc6749

PKCE (replaces the implicit flow): https://tools.ietf.org/html/rfc7636

OIDC: https://openid.net/specs/openid-connect-core-1_0.html

1 comments

So essentially the UI is called SSO and the authentication happens with OAuth2/OIDC - that's the combo Apple uses.

Do you know what the barrier to entry is for a company to integrate another company's SSO?