Use OIDC. It is based on Oauth. I would fiddle with implementing basic Oauth clients first. Like a Spotify playlist fetcher or something. Just to start getting a feel for the flows and things you would be concerned with.

Not the best suggestion but haven't seen others give any yet...

IdentityServer4 [0] is no longer maintained [1] but had SSO support and the source is still on github.

[0] - https://identityserver4.readthedocs.io/en/latest/

[1] - They had to go commercial to stay afloat, there wasn't enough contributions from community/etc. That said it's pretty cheap for what it does in the .NET space.

Something like Keycloak?

I think they're asking for advice on how to more reliably implement the RP side.

Keycloak (Java) and Zitadel (Go) are my recommendations.