/v1/auth/providersPublic, login-time provider discovery (FR-011, FR-013). Returns the active SSO provider configured for the current tenant, or `null` when no IdP is active. No secrets, no client_id, no scopes — only what the frontend needs to render a button and start the flow. Tenant is resolved from the request **Host header** (or the configured main tenant in ``main_tenant`` mode). The unauthenticated ``X-Tenant-Id`` header is intentionally NOT honoured here — without that gate the endpoint becomes a tenant-enumeration oracle (200/404 distinguishes existing UUIDs).
curl -X GET '/api-proxy/v1/auth/providers' \
-H 'Authorization: Bearer <YOUR_TOKEN>'No response body documented
curl -X GET '/api-proxy/v1/auth/providers' \
-H 'Authorization: Bearer <YOUR_TOKEN>'No response body documented