register a provider should be a separated step.
Let's add a user.register_provider(url), any more parameters? does it make sense to have an optional param to pin the cert? And lets make user.authenticate fail if the provider is not already registered. Maybe we could have as well a user.list_providers() that gives you the list of all registered providers.
(from redmine: created on 2016-08-22, closed on 2016-09-07, relates #8402 (closed), relates #8432 (closed))