I think about basic things like: - blocking/unblocking account - reset password - changing email of an account if needed - list of applications where the account is linked/registered - deleting account - destroying all sessions of that account After it's more about reserving 2FA & other essential things that we want with an idp and his management ui