We are currently migrating existing users of our enterprise application to Okta. And there are few users who will also act as federated users with their identity providers. These users access application using web apps and also from native mobile apps. Web app users can use okta routing idp discovery to login via federated idps, but at the same time we also want them to access the native application with their existing username and password which we want to store as okta mastered accounts.

Just a question in my mind that whether the same thing can be achieved at the same time in such a way that a same user can use their federated credentials via idp discovery and access okta mastered account. I remember someone told me that once a user who has okta mastered account and comes from a federated setup, his password got reset and that user cannot access the native application by using the resource owner flow username and password.