I am having an web-application built in PHP codeigniter and required to re-authenticate users when they are performing certain operation as a way to take electronic signature of the user. This require re-authenticate already logged in user.
I have integrated OKTA with SAML 2.0 protocol where OKTA is IdP and login is SP initiated at my application and user is redirected to OKTA login page, user logs in and is redirected back to my application.
Now at some stage when a user say updates a record, before updating the record, I need to re-authenticate the user verifying the operation is done by the same user who is logged in.
Do I need to use :-
Primary Authentication with Public Application