You can update the TrustFrameworkExtensions file by adding a custom claim transformation and a technical profile to check if the account exists with a previous IDP. Use AzureActiveDirectoryUserReadUsingAlternativeSecurityId or similar logic to query based on the old IDP identifier.