So maybe private managers of secrets are better than outsourcing them.
Your first bullet indicates that you misunderstood how this works. There are no credentials.
There are supposedly no credentials you enter on a website for the openid client, but you outsource them to an openid service, in our case redmine. There obviously still are credentials! Now i need to still tell gerrit (openid client) which openid service to use. I need to enter/click that EVERY time, pw manager will not help me there. Plus i need to make sure to already be logged in with redmine. In daily work the supposedly easier openid login becomes a major click orgy to reference the credential service, where other non-openid logins are me hitting enter (after unlocking pw manager once per browser session) and that’s it.
what happens when you want to switch browsers or platforms or devices?
SSH keys. :)
For website logins?
I rarely log to websites. <- The fact I can write this is a counter-example.
But unfortunately, not.