Provide option to user for the desired login method

[muhlemmer]

Preflight Checklist

• I could not find a solution in the existing issues, docs, nor discussions
• I have joined the ZITADEL chat

Describe your problem

Currently Zitadel defaults to using an IdP if one was previously used by a user. When an auth request happens and Zitadel is aware of a linked IdP, the user is redirected silently without asking if other methods (like password) are preferred instead. Only when the IdP login flow fails, we present options as a fallback.

There are situations where this is not desired. As per incoming support case:

Our case for this is simple: at some clients onsite, we are not able to login via Microsoft due to their corporate network policies. In this case, the Idp gets stuck, without Zitadel detecting it (because the warning is on the Microsoft side).

The current flow is desired by many of our users / customers and therefore we can't change the behavior globally.

Describe your ideal solution

Acceptance criteria

• Consume the policy provided by Add policy to provide choice of login method zitadel#9318
• When enabled, always ask the user for the desired login method

Version

No response

Environment

ZITADEL Cloud

Additional Context

After zitadel/zitadel#9318