You ran into one of main issues with nostr

Key management 

Every nostr app will ask for your nsec. Apps that use other methods to keep your nsec safe suck on mobile. 

Some use OTP via DM but metadata leakage with Nostr DMs is terrible 

So good luck with keeping your nesc safe we are putting a lot of trust in these early nostr apps

BlokchainB

bitdevs

So, just getting started with the whole decentralised, correct me if I am wrong. 

I understood that Nostr provides a sort of SSO service in the decentralised web (like Google provides sign in service on many websites)? I signed up on Nostr, got a text file containing my private and public keys. I backed up the file securely in an offline storage. 

But I am failing to see how exactly to use them on any app? As an example, I was signing up for coinos, and they are asking my _private_ key if I want to use Nostr. Why would I give my private key to anyone or any app?

So, can someone give me some concrete examples that use Nostr for user authentication management and how to use my Nostr credentials for those apps? Any link to a tutorial or blog post will be sincerely appreciated. 