Thanks for the feedback.
The things that I am not certain is how some ADFS applications (with MFA requirement) can share the sign-in credential from the previously login-in but not the others. Here is a example.
3 ADFS applications all require MFA in the access policy. A, B and C
When users sign-in to application A successfully, launching application B will automatically sign-in in the same browser.
When users sing-in to application B successfully, launching application C will not sign-in automatically in the same browser. Users will need to enter their credential and MFA.
So what settings control these behavior. It looks to me is from the application sides as I compared the ADFS settings for both application (relying party trust) B and C and didn't see anything too obvious.