Brad, you should not be using security provider as a step in your server actions.
Security provider should be defined once under globals and then in your login step yyjuat add login step and select the security provider from the dropdown.
Same for the other server action, using the restrict step.
So fix these please.
Also what’s your workflow there? You log in and then what happens? What do you actually do with your other server action?