How to re-authenticate a logged in user before performing a dangerous action (enter password)?

euggrie · March 4, 2019, 4:32pm

Hi! Sorry in advance if this question has been answered before, I’m new to Auth0 and I’ve been browsing the documentation but I can’t find a find to solve my problem.

I have a regular web application implemented with Rails, and I need to verify the user password before continuing with a specific action (deleting an object). The user is already logged in at this stage so it’s just an extra security step to make sure the user is aware of the consequences.

Currently a user will see a popup requiring to enter their password before continuing, and if this matches their db information, the object will be deleted.

Is there a way to implement this with Auth0 if I’m using a database connection?

Many thanks!

markd · March 4, 2019, 6:12pm

Hello @euggrie,

This information on step-up authentication might be helpful:

https://auth0.com/docs/multifactor-authentication/step-up-authentication

euggrie · March 4, 2019, 6:24pm

I think this is exactly what I needed, thank you for your help!

markd · March 4, 2019, 6:34pm

Awesome! Let us know how you make out.

Cheers!

system · August 30, 2019, 9:45am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Ask a user to re-verify password before proceeding with action Help	7	3658	November 4, 2021
Handling password by Auth0 Help management-api , users	2	381	January 3, 2024
Re-Authenticate User before sensitive operations Help	2	7300	July 25, 2019
Compare password hashes Help user-management , user-password-management	2	1092	July 28, 2023
Best way to check if a password is correct Help password , step-up	2	10382	March 2, 2018

How to re-authenticate a logged in user before performing a dangerous action (enter password)?

Related topics