JS function to authenticate and trigger a function without redirection

GabrielB · November 23, 2023, 9:12am

I’ve got a custom Javascript app that sends PATCH and POST request to a REST API endpoint when the user clicks on an specific button. I need that, every time, user clicks that button, an Okta login dialog is prompted (preferably popping up but redirection is fine) and if authentication success then an ajax request is sent in the backend to that REST API endpoint. Session stays as is. There is no need to redirect. Despite having the user already authenticated, we want to establish an extra security check when that button is clicked and keep audit record.

Is there any example available or would you offer some guidance?

alisaduncan · November 29, 2023, 2:23pm

Hi there @GabrielB !

Have you looked into step-up authentication? The idea is that while basic access with authentication is fine, sensitive resources/actions require extra authentication. Depending on your Okta authentication model, you may need to redirect. Redirecting to Okta is the most secure way to handle authentication.

Here’s some blog posts to learn more:

and one from Auth0

Cheers to stepping up security!

Post		Replies	Views
Step-up Invocation not happening Questions nodejs	3	69	December 6, 2024
2FA Screen OnDemand on button click OAuth/OIDC	3	40	October 7, 2024
Authenticate users using Okta SignIn without redirecting the users to Okta page OAuth/OIDC	2	1574	January 17, 2024
Best approach for legacy stack? Questions	13	3551	February 6, 2024
Using redirect method on vanilla javascript app OAuth/OIDC javascript	2	1458	February 17, 2024

JS function to authenticate and trigger a function without redirection

Related topics