cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
431
Views
0
Helpful
1
Replies

How to force new authentication in web application

Olof_Olsson
Level 1
Level 1

Before implementing DUO as IDP for Microsoft Azure AD, we could use Microsoft identity platform to force new authentication with user name and password + optional MFA, setting prompt to login:
https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-js-prompt-behavior

Can you recommend an alternative using DUO to force new authentication in web application?
New authentication is used as digital signature.

1 Reply 1

DuoPablo
Cisco Employee
Cisco Employee

Hi @Olof_Olsson ,

Duo authentication is invoked only when the protected application enters a primary authn workflow, meaning that Duo cannot override the application once a user has been logged in. The application must perform a session timeout/expiry/logout in order to allow Duo to prompt for 2FA (again, only after primary authn succeeds). If using Azure, AD you might look into the use of Refresh Tokens or similar: Refresh tokens in the Microsoft identity platform - Microsoft Entra | Microsoft Learn

Thanks!

Quick Links