diff --git a/internal/api/grpc/user/v2/intent.go b/internal/api/grpc/user/v2/intent.go
index 8043a9bdae..afb34deb83 100644
--- a/internal/api/grpc/user/v2/intent.go
+++ b/internal/api/grpc/user/v2/intent.go
@@ -167,11 +167,11 @@ func (s *Server) RetrieveIdentityProviderIntent(ctx context.Context, req *user.R
 		var idpUser idp.User
 		switch p := provider.(type) {
 		case *apple.Provider:
-			idpUser, err = unmarshalIdpUser(intent.IDPUser, &apple.User{})
+			idpUser, err = unmarshalIdpUser(intent.IDPUser, apple.InitUser())
 		case *oauth.Provider:
 			idpUser, err = unmarshalRawIdpUser(intent.IDPUser, p.User())
 		case *oidc.Provider:
-			idpUser, err = unmarshalIdpUser(intent.IDPUser, &oidc.User{UserInfo: &oidc_pkg.UserInfo{}})
+			idpUser, err = unmarshalIdpUser(intent.IDPUser, oidc.InitUser())
 		case *jwt.Provider:
 			idpUser, err = unmarshalIdpUser(intent.IDPUser, &jwt.User{})
 		case *azuread.Provider:
@@ -179,9 +179,9 @@ func (s *Server) RetrieveIdentityProviderIntent(ctx context.Context, req *user.R
 		case *github.Provider:
 			idpUser, err = unmarshalIdpUser(intent.IDPUser, &github.User{})
 		case *gitlab.Provider:
-			idpUser, err = unmarshalIdpUser(intent.IDPUser, &oidc.User{UserInfo: &oidc_pkg.UserInfo{}})
+			idpUser, err = unmarshalIdpUser(intent.IDPUser, oidc.InitUser())
 		case *google.Provider:
-			idpUser, err = unmarshalIdpUser(intent.IDPUser, &google.User{User: &oidc.User{UserInfo: &oidc_pkg.UserInfo{}}})
+			idpUser, err = unmarshalIdpUser(intent.IDPUser, google.InitUser())
 		case *saml.Provider:
 			idpUser, err = unmarshalIdpUser(intent.IDPUser, &saml.UserMapper{})
 		case *ldap.Provider:
diff --git a/internal/idp/providers/apple/session.go b/internal/idp/providers/apple/session.go
index 9395d84b2b..99794d18a2 100644
--- a/internal/idp/providers/apple/session.go
+++ b/internal/idp/providers/apple/session.go
@@ -60,6 +60,10 @@ func NewUser(info *openid.UserInfo, names userNamesFormValue) *User {
 	return &User{User: user}
 }
 
+func InitUser() idp.User {
+	return &User{User: oidc.InitUser()}
+}
+
 // User extends the [oidc.User] by returning the email as preferred_username, since Apple does not return the latter.
 type User struct {
 	*oidc.User
diff --git a/internal/idp/providers/google/google.go b/internal/idp/providers/google/google.go
index 221f2b61ae..083d4aef62 100644
--- a/internal/idp/providers/google/google.go
+++ b/internal/idp/providers/google/google.go
@@ -34,6 +34,10 @@ var userMapper = func(info *openid.UserInfo) idp.User {
 	return &User{oidc.DefaultMapper(info)}
 }
 
+func InitUser() idp.User {
+	return &User{oidc.InitUser()}
+}
+
 // User is a representation of the authenticated Google and implements the [idp.User] interface
 // by wrapping an [idp.User] (implemented by [oidc.User]). It overwrites the [GetPreferredUsername] to use the `email` claim.
 type User struct {
diff --git a/internal/idp/providers/oidc/session.go b/internal/idp/providers/oidc/session.go
index 430a14e5bb..9e1e55baf5 100644
--- a/internal/idp/providers/oidc/session.go
+++ b/internal/idp/providers/oidc/session.go
@@ -96,6 +96,10 @@ func NewUser(info *oidc.UserInfo) *User {
 	return &User{UserInfo: info}
 }
 
+func InitUser() *User {
+	return &User{UserInfo: &oidc.UserInfo{}}
+}
+
 type User struct {
 	*oidc.UserInfo
 }