Just from a user perspective I find OAuth in embedded browsers to be very annoying. They have their own cookie jars so users always have to login but since it’s in an app, password managers usually don’t work. This leads to a lot of jumping back and forth between apps. Using a devices standard browser usually includes a lot less friction for a user. They usually just have to hit authorize if they already have an active session.
And that doesn’t even touch on the security issues of apps being able to steal user’s passwords.
