JS function to authenticate and trigger a function without redirection

I’ve got a custom Javascript app that sends PATCH and POST request to a REST API endpoint when the user clicks on an specific button. I need that, every time, user clicks that button, an Okta login dialog is prompted (preferably popping up but redirection is fine) and if authentication success then an ajax request is sent in the backend to that REST API endpoint. Session stays as is. There is no need to redirect. Despite having the user already authenticated, we want to establish an extra security check when that button is clicked and keep audit record.

Is there any example available or would you offer some guidance?

Hi there @GabrielB !

Have you looked into step-up authentication? The idea is that while basic access with authentication is fine, sensitive resources/actions require extra authentication. Depending on your Okta authentication model, you may need to redirect. Redirecting to Okta is the most secure way to handle authentication.

Here’s some blog posts to learn more:

and one from Auth0

Cheers to stepping up security!

1 Like