According to the doc : Securing Applications and Services Guide
it might be possible to force a user re-authentication
but I was not able to make it work
For that I used the KeyCloak test app (Keycloak - Test Application) with Firefox and tried to replay requests with additional parneters
But always the answer was
==> How to make it work ?