No more complicated than usual, as there's separation of concerns. You'd have your IdP, which provides authentication and account management. The IdP then integrates with an application or service using some authentication protocol (OIDC, SAML, LDAP, etc), so downstream only relies on the protocol.

It could get messy if you had some identity-aware proxy in front of your IdP.