As an administrator I do not want to be able to disable the entire local login IDP.

Disabling the local login can cause many issues since when the main IDP is in error it is not possible to login as a local administrator anymore.

Instead of disabling only the hide option should be available. If restricting the local login is required portal access rules targeted on the Local IDP could be applied.