Hi @HK G • Thank you for reaching out.
Yes, MFA for on-premise applications does require either P1 or P2 license, but this requirement is not hard enforced. Which means, when P1/P2 license is assigned even to a single user account in a given tenant, the P1/P2 capabilities are unlocked for that tenant and all users in that tenant can use P1/P2 features. However, to stay compliant, all the users who are using the features that require P1/P2 license must be assigned with these licenses.
So, MFA for a user without either P1 or P2 license can be enabled, but in that case you will be non-compliant.
-----------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.