Hi! We have an Ory production plan project (id 5c934475-9e84-48bb-acc4-6a9813b0215a) and we're seeing some unexpected behavior around the OAuth2 logout endpoint. Using the Ory exemplary OAuth2 client and the default account experience hosted by Ory, when a user logs in, and then logs out through the oauth2/sessions/logout URL, we get a message that the user was logged out succesfully. However if we then navigate to /ui/settings we can still change the users password. This seems to only happen when we include the idp_token_hint query parameter in the logout URL, if we omit that then the issue does not seem to occur. Is this the expected behavior?