ReAuthentication for a logged in user

techfordev25 · June 23, 2021, 11:05am

Hi All,

Need to implement this functionality posted in these two topics

https://salesforce.stackexchange.com/questions/251724/only-authorise-the-user-using-okta-credential-not-loggin-in-salesforce

Basically, during approval of a record, use case is “where a user needs to verify they are who they say they are when making a change. E.g. They update a record, click save, then we prompt them for their username and password. In this case the user is already logged in but in order to be 21 CFR Part 11 compliant we need to ask them again to ensure that the user requesting the change is actually the user logged in.”

Can someone please post sample code and the steps involved. Thanks

okra-okta · June 23, 2021, 8:06pm

As mentioned in one of the posts you linked, can’t you use ForceAuthn?

techfordev25 · June 24, 2021, 8:05pm

Thanks Okra-Okta for replying. I haven’t worked on the authentication part yet, actually I am not very familiar with Authentication Apis as I haven’t worked on it before. I saw some example code here Authentication | Okta Developer … wanted to know if I should use Primary Authentication with Public Application - Request Example OR ‘Primary Authentication with Trusted application - Request Example’ . I appreciate if you are able to give me pointers to get started and then where to use the ForceAuthn ?
Thanks

okra-okta · June 28, 2021, 6:59pm

From what I’ve read, the ForceAuthn flag can be set by the SP in a SAML flow.

I don’t believe it is related to the primary authentication endpoint.

techfordev25 · June 30, 2021, 7:14pm

Ok thanks. I think on okta app we can set the timeout to 0 seconds for reauthentication. I am trying out, I will get if I need anything. Thanks

system · February 8, 2024, 6:37pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.