We setup SSO, which is great. Unfortunately, users can login and change their email address and password (which is completely contrary to how SSO must work). We need SSO login to block users from the part of the profile page where they can change these fields.