Why would you want to do that? One of the main security features of oidc/saml is that the user never enters credentials ( which includes during password reset) on anything outside the idm provider (==keycloak). Your flow just adds one more point to intercept the user credentials. So unless you want to capture user credentials, I don’t see a valid usecase.