The Strava OAuth approval page doesn't confirm which athlete is being prompted to authorize an app. This is problematic for at least 2 scenarios:
One simple fix could be to show the profile picture and first name of the logged in Strava account on the OAuth page.
In the applications I've built, I create that confirmation myself. So the steps of tha authorization is
This strategy has worked really well. I hope it helps, even though you still have to do some of the work you think Strava should do for you 😊