Hi all, I hope this is the righthe forum for the topic...I'm wondering if this design is possible.
We have 1 B2C service with many app registrations requiring a standard username and password. We have another app that we want to register and use the same identity, but for this one we need MFA.
So if a user is already logged in through one app, then they can open another app and be already logged in. But if they come to this new app that needs MFA then they get a redirect to the MFA login screen.
Vice versa, if they already have a logon asserted with MFA, then they should be able to navigate to all other apps that need the same level of MFA or lower without the need to authenticate again.
Is this scenario possible? And any documentation that supports it?