With that and a well-known endpoint for changing passwords (not quite the same thing as what you’re describing; https://w3c.github.io/webappsec-change-password-url/) we are moving in that direction.