How to re-authenticate a logged in user before performing a dangerous action (enter password)?

euggrie · March 4, 2019, 4:32pm

Hi! Sorry in advance if this question has been answered before, I’m new to Auth0 and I’ve been browsing the documentation but I can’t find a find to solve my problem.

I have a regular web application implemented with Rails, and I need to verify the user password before continuing with a specific action (deleting an object). The user is already logged in at this stage so it’s just an extra security step to make sure the user is aware of the consequences.

Currently a user will see a popup requiring to enter their password before continuing, and if this matches their db information, the object will be deleted.

Is there a way to implement this with Auth0 if I’m using a database connection?

Many thanks!

markd · March 4, 2019, 6:12pm

Hello @euggrie,

This information on step-up authentication might be helpful:

https://auth0.com/docs/multifactor-authentication/step-up-authentication

euggrie · March 4, 2019, 6:24pm

I think this is exactly what I needed, thank you for your help!

markd · March 4, 2019, 6:34pm

Awesome! Let us know how you make out.

Cheers!

system · August 30, 2019, 9:45am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.