I synchronized our cloud site, SSO, and configured Azure conditional access to leverage Azure MFA for push based multifactor. It seems as though you are forced to have TOTP enabled for MFA if you leverage SSO. This means you login, approve the Azure MFA push, and are then forced to put in the TOTP as well. Does anyone know if there is a way around the forced TOTP with SSO? I don't think I have overlooked anything but it's certainly possible. Wondering if a feature request may be needed.
