[bilekas]

While I don't consider myself an apple fanboy by any means they really did do a good job with their apple sign in, I don't know the full process but they seem to use an email from a pool of apple IDs for emails that prevent the app/service ever getting your real email.

It would be easy to assume that other oath providers are doing the same but absolutely not.

[whstl]

Yep, it uses an auto-generated @icloud.com for "Hide my Email" (useable in any website, or even if you want to give to someone in person) and @privaterelay.appleid.com when you use "Sign In With Apple".

This is quite visible in User Accounts where I work... while they do cause some issues from time to time (when the user disables the relay address for an active account), it guarantees privacy.

But I don't know if other popular single-sign-on provider do this.