There is no push mechanism in Azure to do that like DUO.
Its a much requested feature:
https://feedback.azure.com/d365community/idea/97898804-e825-ec11-b6e6-000d3a4f06a4
Otherwise, you would need to build your own policies for verification. I would personally like to see a CA policy that can target SSPR itself and require device compliance, etc.