Silent logout, login without cache token
Core Library
MSAL.js v2 (@azure/msal-browser)
Core Library Version
2.20.0
Wrapper Library
MSAL Angular (@azure/msal-angular)
Wrapper Library Version
2.0.6
Description
Hi guys, I have a little special use case: I have a signed-in user in my application, but the app also requires a four-eyes principle. So I have to acquire a token (which will be checked in the backend) for a second user with prompt login. This is where my problems start: if I acquire the token for the second user, the second user stays logged in and I have to show the logout page, where the second user must interact again. Currently this is a security issue, because if the logout is not properly executed it is possible to sign in to all Microsoft services via SSO. So I am looking for a solution to acquire a token without it being cached, or an option to log out silently. Can you help me please?
MSAL Configuration
auth: {
    clientId: 'XXX',
    authority: 'https://login.microsoftonline.com/XXX/',
    redirectUri: '/',
    postLogoutRedirectUri: '/logout'
},
cache: {
    cacheLocation: BrowserCacheLocation.SessionStorage,
    storeAuthStateInCookie: false
}
Relevant Code Snippets
this.msalSvc.acquireTokenPopup({ loginHint: user.userPrincipal, prompt: 'login', scopes: ['api://XXX/sign']} as PopupRequest).subscribe({
...
this.msalSvc.instance.logoutPopup({ account: response.account, postLogoutRedirectUri: null});
Identity Provider
Azure AD / MSA
Source
External (Customer)
Issue Analytics
- State:
- Created 2 years ago
- Comments: 5 (2 by maintainers)
Top GitHub Comments
@bumbel42so The silent sign-out feature is committed but we don’t have an ETA to share at the moment. We will link the pull request containing this feature when it is ready so that you can track its progress. New versions of our libraries are released on the first Monday of every month.
Assigning to @hectormmg, who will be working on this.