auth provider safe destroy

app/controllers/api/auth_providers_controller.rb

@@ -31,8 +31,11 @@ class API::AuthProvidersController < API::ApiController
 
   def destroy
     authorize AuthProvider
-    @provider.destroy
-    head :no_content
+    if @provider.safe_destroy
+      head :no_content
+    else
+      render json: @provider.errors, status: :unprocessable_entity
+    end
   end
 
   def mapping_fields
@@ -56,7 +59,7 @@ class API::AuthProvidersController < API::ApiController
         params.require(:auth_provider).permit(:name, :providable_type)
       elsif params['auth_provider']['providable_type'] == OAuth2Provider.name
       params.require(:auth_provider).permit(:name, :providable_type, providable_attributes: [
-                                                     :id, :base_url, :token_endpoint, :authorization_endpoint, :profile_url, :client_id, :client_secret,
+                                                     :id, :base_url, :token_endpoint, :authorization_endpoint, :logout_endpoint, :profile_url, :client_id, :client_secret,
                                                      o_auth2_mappings_attributes: [
                                                          :id, :local_model, :local_field, :api_field, :api_endpoint, :api_data_type, :_destroy,
                                                          transformation: [:type, :format, :true_value, :false_value, mapping: [:from, :to]]

app/models/auth_provider.rb

@@ -80,6 +80,14 @@ class AuthProvider < ActiveRecord::Base
     providable.profile_url
   end
 
+  def safe_destroy
+    if self.status != 'active'
+      destroy
+    else
+      false
+    end
+  end
+
   private
   def set_initial_state
     # the initial state of a new AuthProvider will be 'pending', except if there is currently