Two Authentication providers - both Okta

New to Okta and trying to integrate it into .net 7.
The application use case is to have a user authenticate. During their normal application flow, they are asked to re-authenticate (enter username/password). I do NOT want to invalidate or overwrite the previous user credentials or user session. I only need to have a “pass/fail” for this re-authentication as well as their full name so that I can timestamp & post user name who did the re-authenticate.

I’ve tried modifying my program.cs to have two providers; however, I’ve been unsuccessful in my attempts.

builder.Services.AddAuthentication(options =>
    {
        //options.DefaultAuthenticateScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        //options.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        //options.DefaultChallengeScheme = "OpenIdConnect";
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = OpenIdConnectDefaults.AuthenticationScheme;
    })
    .AddCookie(CookieAuthenticationDefaults.AuthenticationScheme)
    .AddOpenIdConnect(OpenIdConnectDefaults.AuthenticationScheme, options =>
    {
        options.SignInScheme = CookieAuthenticationDefaults.AuthenticationScheme; // Use cookie as the primary authentication scheme

        options.ClientId = builder.Configuration.GetValue<string>("Okta:ClientId");
        options.ClientSecret = builder.Configuration.GetValue<string>("Okta:ClientSecret");
        options.Authority = $"{builder.Configuration.GetValue<string>("Okta:OktaDomain")}/oauth2/default";
        options.CallbackPath = "/authorization-code/callback";
        options.ResponseType = "code";
        options.SaveTokens = true;
        options.UseTokenLifetime = false;
        options.GetClaimsFromUserInfoEndpoint = true;
        options.Scope.Add("openid");
        options.Scope.Add("profile");
        options.Scope.Add("email");

        options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "role"
        };

        options.Events = new OpenIdConnectEvents()
        {
            OnUserInformationReceived = context =>
            {
                return UserRoleService.AddUserRoles(context);
            }
        };
    });

builder.Services.AddAuthentication("SecondaryAuthentication")
    .AddOpenIdConnect("SecondaryAuthentication", options =>
    {
        options.ClientId = builder.Configuration.GetValue<string>("Okta:ClientId");
        options.ClientSecret = builder.Configuration.GetValue<string>("Okta:ClientSecret");
        options.Authority = $"{builder.Configuration.GetValue<string>("Okta:OktaDomain")}/oauth2/default";
        options.CallbackPath = "/authorization-code-2/callback";
        options.ResponseType = "code";
        options.SaveTokens = true;
        options.UseTokenLifetime = false;
        options.GetClaimsFromUserInfoEndpoint = true;
        options.Scope.Add("openid");
        options.Scope.Add("profile");
        options.Scope.Add("email");

        options.TokenValidationParameters = new Microsoft.IdentityModel.Tokens.TokenValidationParameters
        {
            NameClaimType = "name",
            RoleClaimType = "role"
        };
    });

Do I even need two authentication methods? Is there a way to force the user to re-enter their credentials and get a “pass/fail” without invalidating their current user session?