Hi,
I have a requirement where I want the user to enter his current password (as a security measure) before making an request to api to update his password . In order to achieve that, I should somehow validate the current user password when he is already logged in. How can I achieve that.
My failed approaches:
- I tried a different audience thinking it would prompt to login . Instead i’m getting the token silently with the new audience.
- Tried to fire login call with different client id, but then I was in a redirect loop.