Thanks for your response.
I am already using User pre-selection. But it only skip the gluu login page.
If someone change the auth url and remove preselectedExternalProvider from it then he/she can see and use all available login options.
So this User pre-selection method is not secure at all , its just for skipping one step and enhancing user experience.