Is there a way to get a passcode on behalf of a user programmatically?

What we have is a proxy that hits a management API to approve products for developer apps. We are using a proxy so that we can change the post into a get so a user can click a link to do the approval. When they click the link we send back a WWW-Authenticate header to prompt them to enter their Apigee credentials (which allows them to do the approval based on their role).

With SSO we can no longer pass in basic Auth credentials so we are wondering how to do this flow with SSO. Help would be very much appreciated.