I'm looking for an idea/solution that works on both Windows 8.1 and Windows 10.
For critical actions in my WPF application I want the user to explicitly authenticate again against the operating system. On the web exist many custom solutions like NuGet packages that look like a Windows prompt that asks the user for the password. Like the one that shows up, if you try to access network shares you are not authenticated for.
I do not want to use those custom solutions, I want to use those provided by operating system, if any.
In detail I'm looking for something like that:
WindowsIdentity identity = WindowsIdentity.GetCurrent();
bool authenticated = [WindowsAPI].Authenticate(identity);
if(authenticated)
{
//do critical action
}
Does such a WindowsAPI exist?
EDIT: The WindowsAPI should have an own UI and, in best case, validates the credentials and does not store any.
The overall answer is: No, there does not exist a Windows API that includes an own UI and additionally validates the entered credentials.
In short, I used CredUIPromptForWindowsCredentials that pops up a configurable operation system dialog to enter credentials, CredUnPackAuthenticationBuffer to unpack credentials and LogonUser to verify the unpacked credentials. At the end clear the memory allocated by CredUIPromptForWindowsCredentials using CoTaskMemFree.
MS Docs:
P/Invoke Docs: