RE: How to distinguish between Google Logins and traditional email+pwd logins?

@owork138 I have the same question. To solve this is there a way that a lamda can fire when an IDP is used for a login. Even knowing the IDP.ID at this point would be good and I would write it as a claim in the id_token.

I have setup a few IDPs for my application. In in OIDC client I pass an idp_hint which works when there are no cookies dropped. A cold login.
How do I force another relogin by passing a different idp_hint?
How do I force a relogin?

The use case is.

• User has logged in using their email/password

• I want to challenge them again against a well known IDP, hence a forced login by passing the idp_hint. This doesn't work, it just returns that original id_token.

What I want: I need an id_token that contains the users information and the current IDP that was used for the login. (edited)