Microsoft's online login is probably the most prominent example of translating "user@domain.com" into a SSO login/redirect that uses Azure AD or another SSO provider for signon that I can think of.
I know it's based on DNS and/or HTTP(S) entries for the common SSO, just don't recall all the specs off hand.
For the google/apple and other very common cases you can detect by a whitelist for the domain part. For others, if there isn't a discovery mechanism in place, would have to defer to internal (password) created accounts.
It's a bit of a mess, fortunately there's a handful of TLDs that account for over 95% of public users. IIRC, when I worked at emailage, it was something like >85% of requests were from 20 domains, and 95% or so were from 100.
I know it's based on DNS and/or HTTP(S) entries for the common SSO, just don't recall all the specs off hand.
For the google/apple and other very common cases you can detect by a whitelist for the domain part. For others, if there isn't a discovery mechanism in place, would have to defer to internal (password) created accounts.
It's a bit of a mess, fortunately there's a handful of TLDs that account for over 95% of public users. IIRC, when I worked at emailage, it was something like >85% of requests were from 20 domains, and 95% or so were from 100.