Hello,
I’ve been trying to disable the username/password authentication method but I just can’t seem to do it. I’ve created a theme that removes the forms in the frontend but I guess people can just use something like “Postman” to authenticate in the backend (Although I haven’t been able to do this for some reason).
I’ve tried:
- Removing the forms in the authentication flows. This automatically gives me an error page.
- Denying access after the form. This also automatically gives me an error page without even submitting data.
- Redirecting to the Login page if an error page appears. This just put me in an infinite loop.
- Using just the username form and then password form. This has the disadvantage of revealing existing users.
Solutions im thinking of:
- Program custom step.
- Customize the error page and put the other identity providers there (not sure if it would work).
Any help would be appreciated on how to do this !