We have a certain social identity provider that we would like to phase out for our CIAM users. The most straightforward way I can think of would be to change our end-user facing login screen to take them to a new screen where we explain the situation and prompt users who click on this social IDP to add a password to their account. I’m wondering if this is possible and what API calls need to be made to move the user to the right state?
I found this support article Problem: Password reset does not work with users created via social logins (Google, Facebook, etc.) which makes it clear the basic reset password flow is not suitable.
I’ve looked a little bit at the Identity Provider User Operations API, including the ability to list and unlink an IDP associated with a given user DELETE /api/v1/idps/${idpId}/users/${userId}
. Is that the path to follow?