Because non-tech people are more susceptible to phishing attempts. It’s obvious to you or I, but my grandma needs all the help she can get to know whether she’s still in the app or an external website when she’s handing over her credentials.

So now we're assuming that the Netflix app does not know which domain it considers safe?

Think of an app that allows user generated content

There is already the ability to establish "associated domains" for the apps which establishes a special relationship between them.