I need to provide an area of my application for my customers’ customers to input data while they are present at their respective physical locations.
This area must not be publicly accessible. Further, once in this area, I need to prevent the end users from accessing the main application. Therefore, I would like to require my customer to login to the main application and then serve the “customer” mode as a separate application.
I’m wondering if there’s a way to force the user to re-enter their credentials when returning from “customer” mode to the regular application. I’m aware of the prompt=login option, however, I’m using an SPA and definitely don’t want to repeatedly require credentials if they haven’t ever entered “customer” mode.
If there’s a way to alter the auth0 cookie to store that they’ve entered customer mode that would be sufficient but I can’t find any documentation to that effect.