I have a custom authenticator that is executed in each browser flow. This authenticator logic uses some user attributes.
In order to populate these attributes, I have a custom required action that the user has to complete once upon registration. Once the required action is completed, the custom authenticator should be executed.
My question is; can I reset the authentication flow after completion of the required action? Prefarably without a re-enter of the user’s credentials.
However the problem is that this call to #restartSession forces the user to log in again, which is what I’m trying to avoid.
I want go through the whole authentication flow, so I guess I want to invalidate the session, but I also want to retain the credentials to do all that without having to log in again.
Because there already is an ongoing session, the cookie authenticator will login the user without entering his password. The other authenticators configured in your browser flow will then be executed.
Any tips on how to improve the getLoginUrlFromRequiredActionContext method are welcome.