We have added the ability to authenticate users with Okta using OIDC. We have a feature to require electronic signature on finalizing reports where users reenter their password(reauthenticate). I know we could have them completely login again but they could also change the username on that login screen.
If someone could point me in the right direction for what I am looking for would be grateful.
Have you tried using the prompt=login parameter? If the user has an active session, they should only be prompted for their password to re-authenticate.
Another potential option is Step-up authentication, which would be a better fit if you want an additional factor/authenticator verification before the user completes this more secure action