> "as seen in China" login-via-callback flow
What, exactly, does this mean?
But passkeys are the new hotness, not SSO, and what you’re describing is SSO. Passkeys aren’t tied to an outside account, just a password manager (which can be your browser - no account required).
Your parent comment may refer to requesting and waiting for a login link in, say, an email to authenticate - not SSO.
Oh, that makes sense.
When I lived in China a common way of "logging in" was to enter an OTP sent to your phone via SMS. By the time I left a few years back it seemed increasingly that signup and login flows were on the way out in favor of simply using your phone number anywhere and everywhere as a personal identifier and OTP or in-app notifications for authentication.
Added benefit of inheriting someone's account if they miss the phone number rent and you get the recycled number.
Thanks, I misread your first comment. That makes sense. Yeah, not a great system, especially because it turns phone numbers into semi-sensitive personal information that you also give out to every single person you ever meet.