Hello, we are setting up Azure MFA with ADFS. I have implemented a Conditional Access policy to require users to use MFA. However, when users log in they are not prompted to enroll in MFA, but instead it looks like ADFS is passing off to Azure that the user has already passed MFA.
In the Sign in Logs I'm seeing these two messages:
"MFA requirement satisfied by claim in the token"
and
"MFA requirement satisfied by claim provided by external provider"
I am not integrating Azure MFA within ADFS, I'm letting MFA happen all on O365 as I found the sign up process clunky for end users. Is there a way to have the user log in through ADFS and then get prompted for Azure MFA?