No IdP required, Multiple IdPs supported, Onboarding flow

src/pages/selfhosted/identity-providers/index.mdx

@@ -2,19 +2,20 @@
 
 NetBird's self-hosted implementation uses the OpenID Connect (OIDC) protocol for authentication, an industry-standard identity layer built on top of OAuth 2.0. OIDC is used both for user authentication to access the Management Service Dashboard and for user device authorization when accessing internal resources.
 
-## Embedded IdP (Recommended)
+## Local User Management
 
-Starting with version X.XX, NetBird includes a **built-in identity provider** powered by [Dex](https://dexidp.io/). This is now the default for new deployments and eliminates the need for separate IdP infrastructure.
+Starting with version X.XX, NetBird **no longer requires an external identity provider**. The Management service now supports creating and managing local users directly, so you can get started without setting up Zitadel, Keycloak, or any other IdP.
 
-With the embedded IdP, you can:
+With local user management, you can:
 
 - **Create local users** directly from the NetBird Dashboard
-- **Add SSO connectors** (Google, Microsoft, Okta, etc.) through the Dashboard UI
+- **Add external identity providers** (Google, Microsoft, Okta, etc.) through the Dashboard UI
+- **Configure multiple IdPs** simultaneously—users see all providers as login options
 - **Simplify your deployment** with fewer containers and reduced resource requirements
-- **Get started faster** with automatic configuration and no additional setup
+- **Get started faster** with no additional IdP setup required
 
 <Note>
-The embedded IdP uses [Dex](https://dexidp.io/), a lightweight, portable OIDC identity provider that supports federated authentication. Dex runs embedded within the NetBird Management service, requiring no additional containers or databases.
+Local user management is powered by an embedded [Dex](https://dexidp.io/) server running within the NetBird Management service, requiring no additional containers or databases.
 </Note>
 
 [Get Started →](/selfhosted/selfhosted-quickstart)
@@ -35,11 +36,11 @@ This approach provides several key benefits:
 
 | Approach | Best For | Setup Complexity |
 |----------|----------|------------------|
-| **Embedded IdP Only** | Homelabs, small teams, quick deployments | Minimal |
-| **Embedded IdP + Connectors** | Organizations wanting SSO with existing providers | Low |
+| **Local Users Only** | Homelabs, small teams, quick deployments | Minimal |
+| **Local Users + External IdPs** | Organizations wanting SSO with existing providers | Low |
 | **Standalone IdP (Advanced)** | Enterprises with existing IdP investments, SCIM requirements | Moderate to High |
 
-### Embedded IdP Only
+### Local Users Only
 
 The simplest approach—create and manage users directly in NetBird:
 
@@ -50,16 +51,17 @@ The simplest approach—create and manage users directly in NetBird:
 
 [Setup Guide →](/selfhosted/identity-providers/embedded-idp)
 
-### Embedded IdP with Connectors
+### Local Users + External Identity Providers
 
-Combine the simplicity of embedded IdP with your existing identity providers:
+Combine local user management with your existing identity providers:
 
 - Keep local user management as a fallback
-- Add Google, Microsoft, Okta, or other SSO for convenience
-- Configure connectors directly from the Dashboard UI
+- Add Google, Microsoft, Okta, or other providers for SSO
+- **Configure multiple IdPs**—users see all options on the login page
+- Configure everything directly from the Dashboard UI
 - Best of both worlds
 
-[About Connectors →](/selfhosted/identity-providers/connectors)
+[About External IdPs →](/selfhosted/identity-providers/connectors)
 
 ### Standalone IdP (Advanced)
 
@@ -76,7 +78,7 @@ For organizations with specific requirements or existing IdP investments:
 
 ## Identity Provider Options
 
-Each provider page includes both **connector setup** (recommended, for use with embedded IdP) and **standalone setup** (advanced) instructions.
+Each provider page includes both **connector setup** (recommended, for adding to local user management) and **standalone setup** (advanced) instructions.
 
 ### Self-Hosted Providers
 
@@ -109,12 +111,11 @@ In addition to OIDC-based authentication, NetBird supports provisioning users an
 
 ## Migration Guide
 
-If you have an existing NetBird deployment using a standalone IdP (like Zitadel from the previous quickstart), you can continue using it. To migrate to the embedded IdP:
+If you have an existing NetBird deployment using a standalone IdP (like Zitadel from the previous quickstart), you have several options:
 
-1. Export your user list from your current IdP
-2. Deploy the new version with embedded IdP enabled
-3. Recreate users through the Dashboard or API
-4. (Optional) Add your previous IdP as a connector for SSO
+1. **Keep using your standalone IdP** - No changes required, your setup continues to work
+2. **Add your IdP as an external provider** - Keep your IdP but add it as an OIDC provider alongside local users
+3. **Migrate to local users** - Export users from your IdP and recreate them as local users
 
 <Note>
 User data and network configurations are preserved during migration. Only authentication changes—users may need to re-authenticate after the switch.