If blocking this integration will ever be in their interest (I can't say much about this though), then they'll just tighten the grip as soon as passkeys are the norm and other auth methods are deprecated. It's always easy to invoke generic or obscure "security" reasons, even if it means creating the problems themselves so they come with the solution just in time.