Authenticating users without a password via a backend call

Is there a way to authenticate a user and create a session without a pass via a backend call to Okta?
The only auth flow I found that doesn’t require a password is primary auth with activation tokens which is irrelevant as I’m talking about a standard login, not a user activation journey.
I know that in a lot of other CIAM systems it is possible to generate a session via a backend call using privileged credentials such as an admin token for instance.

The full journey should look like this:

  • User goes into my website, enters his username / email and clicks a button
  • This button calls my own custom backend to log the user in
  • My backend calls Okta API to generate a session token / cookie and returns it
  • My frontend uses the returned token / cookie to set the session on the frontend and log the user in