Even though the OAuth protocol does not necessitate this, several services have embraced it as a standard tactic.