You can use custom Caché Login Page as the simplest solution.
Suppose, you have React (it doesn't matter anyway) csp-application as a client and you need to authenticate single user at time.
You can create
login.csp page somewhere in your project and set it as custom login page. Content could be like this (basic implementation, styles not included):
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<form name="Login" method="post">
<input type="text" placeholder="Login" name="CacheUserName">
<input type="password" placeholder="Password" name="CachePassword">
<button type="submit">Log in
#($select( ($Get(%request.Data("Error:ErrorCode",1))'="")&&($$$GETERRORCODE($Get(%request.Data("Error:ErrorCode",1)))'=$$$ERRORCODE($$$RequireAuthentication)): "<div>The user name or password is incorrect</div>", 1:"") )#
You can change the content of this page to match your application look and logic. You can include any 3rd-party scripts and styles.
Then, in your client app settings (Management Portal) set recently created
login.csp page as custom login page. Also, set Allowed Authentication Methods to "Password" and Session Cookie Path to the same value for both client and rest applications.
?CacheLogout=1 appended. You can also reload the page each
%session.AppTimeout)#' + 15) * 1000 ms to automatically redirect user to login page if session is closed (don't forget to reset this counter after rest requests or/and send some sort of throttled ping after user interactions).