It's all about separating that like software authorship thing from the user experience, right? Like the user should be able to select their own key ring. And one password even can be an SSH daemon for some of that as well. So those are both options for ways that your app can directly interact with your password manager. The call to action for app maintainers and people operating services is do some threat modeling, write it down and do everything the same way.