I created an API key with a user from Qlik Account (Default IdP). After that,I used EntraID to integrate IdP (Single Sign On)

Questions:

1. As long as I do not change the Default IdP to Inactive, the API key remains usable. Is this behavior correct according to the specifications?
2. To disable API usage, is it necessary to make the user Inactive regardless of the IdP?

Thank you.