I’m developing a web application where I only have users’ UPNs (User Principal Names). I need to obtain individual tokens for each user based on their UPN without prompting them with an additional login window. Since I do not have access to users’ passwords, the goal of this authentication process is to enforce access restrictions to specific features based on each user’s permissions. Is this feasible to implement?