User to Server to Okta Server

I would like to add Okta security to an API call through a back channel to an Okta authorization server. The User is already signed in to an existing on-prem solution so I don’t want the user to sign in twice. It would appear that I would need a Client Id and Password for that user that the Okta server would accept and send back an Auth/ID token.
What is the Okta standard flow for the above case?

Hi @maa1dz

You can use the Factors API to trigger an MFA for the user when the back-end call is done. This will not require an authentication from the user, provided he is already enrolled in the factor.