Other identity management solutions like c.f. Auth0 support a "Passwordless login" by sending a "magic link"
via email that gives them one-time access to an application. The link encodes a one-time code that quickly expires.
It would be a nice feature to have in keycloak. The link could refer to a user / client and redirect the
now authenticated user to the application that is represented by the client.
Of course this would require that some information about the user (username, email, roles etc.) is already provided apriori.
See Auth0 magic link