Force Authenticate Users with SSO
To be FDA compliant, and force the user to enter the combination of their user name and password, your identity provider has to support forced re-authentication with the option prompt=login.
promt=login
Regardless of the current user authentication state, the Authorization Server SHOULD prompt the End-User for reauthentication. If it cannot prompt the End-User, it MUST return an error.
Regardless of the current user authentication state, the Authorization Server SHOULD prompt the End-User for reauthentication. If it cannot prompt the End-User, it MUST return an error.
 |
Google OAuth does not support forced re-authentication.
|
There is no promt=login value for Google OAuth 2.0. at the time of writing this documentation (possible values are none/consent/select_account).
Regenerate Signature
Most of the features that are using the signature generation enabling the user to regenerate the signature if that is needed. There is an icon for that purpose next to the Successfully signed label: 
Click this icon to restart the signature generation process.