I have some question about sign-in behavior on ADFS and would like to know someone can clarify me here.
I understand that ADFS web applications shares the same session cookie and allows SSO under the same browser session. We have few applications in our ADFS farms, some with MFA requirement and some don't. When signing-in on one application without MFA requirement, if I launch other applications (without MFA requirement) in the same browser, authentication will not be needed and that is what is expected. If I sign-in on one applications with MFA requirement, other applications without MFA requirement will be signing in automatically due to the same reason. Applications with MFA requirement will need to be sign-in. I guess this is also normal because of the extra MFA requirement. However, one particular application with MFA requirement will sign-in automatically (unlike the other). I guessed there is some special setting control that behavior. Does anyone know what is it?