I have set up a user pool with two login methods: one using the hosted UI with the user pool to sign up/sign in users, and the other using a federated identity provider (IdP). For both login methods (app clients) I have enabled and used the Code Auth Flow + PKCE (so the code <-> token exchange can be completely handled by the client, a React web frontend).

I have also set up an identity pool so that users get temporary credentials to complete the MFA (TOTP) setup from the React web frontend.

Now I can complete the MFA setup: showing the QR code (AssociateSoftwareToken), performing VerifySoftwareToken (after the user gets the one-time token from a code generator app, Google Authenticator in my case) and updating the user pool with the user's preference with SoftwareTokenMfa settings.

When users log in using the hosted UI (with user accounts created through Cognito), Cognito performs the MFA challenge before redirecting with the (OAuth) code.

But when users log in using Federated Login, Cognito redirects the user back to the application with the OAuth code.

Is there any way I could make Cognito perform MFA for users logging in using Federated Login?
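The TOTP enrolment sequence described in the question (AssociateSoftwareToken, VerifySoftwareToken, then setting the SoftwareTokenMfa preference), as an added example that is not part of the original post and not AWS's code. The request field names are those of the Cognito Identity Provider API; everything else is an assumption made so the flow runs offline: the injected `send` and `promptForCode` callbacks, the issuer/account strings, the access-token placeholder, and the fake client with its made-up SecretCode. The point worth seeing is the ordering: the user's MFA preference is only changed after Cognito confirms the code with `Status: 'SUCCESS'`, so a failed verification leaves the account's settings untouched.

```javascript
// Added example (not from the original post): the three Cognito calls that make up
// a TOTP enrolment, expressed as plain request objects so any client can drive them.
// `send` and `promptForCode` are injected callbacks (assumptions for this example).

// Request shapes mirror the Cognito Identity Provider API field names.
function associateSoftwareTokenRequest(accessToken) {
  return { action: 'AssociateSoftwareToken', input: { AccessToken: accessToken } };
}

function verifySoftwareTokenRequest(accessToken, userCode, deviceName) {
  return {
    action: 'VerifySoftwareToken',
    input: { AccessToken: accessToken, UserCode: userCode, FriendlyDeviceName: deviceName },
  };
}

function setTotpPreferredRequest(accessToken) {
  return {
    action: 'SetUserMFAPreference',
    input: {
      AccessToken: accessToken,
      SoftwareTokenMfaSettings: { Enabled: true, PreferredMfa: true },
    },
  };
}

// otpauth URI that authenticator apps (Google Authenticator included) read from a QR
// code. The SecretCode returned by AssociateSoftwareToken is the base32 TOTP seed.
function buildOtpauthUri(issuer, account, secret) {
  const label = encodeURIComponent(`${issuer}:${account}`);
  const params = new URLSearchParams({ secret, issuer });
  return `otpauth://totp/${label}?${params.toString()}`;
}

// Full enrolment. Stops, without touching the MFA preference, unless Cognito
// confirms the user's code with Status 'SUCCESS'.
async function enrolTotp({ send, promptForCode, accessToken, issuer, account, deviceName }) {
  const assoc = await send(associateSoftwareTokenRequest(accessToken));
  if (!assoc || !assoc.SecretCode) {
    throw new Error('AssociateSoftwareToken returned no SecretCode');
  }
  const otpauthUri = buildOtpauthUri(issuer, account, assoc.SecretCode);

  // The UI renders otpauthUri as a QR code and asks the user for the 6-digit code.
  const userCode = await promptForCode(otpauthUri);
  const verify = await send(verifySoftwareTokenRequest(accessToken, userCode, deviceName));
  if (!verify || verify.Status !== 'SUCCESS') {
    throw new Error(`VerifySoftwareToken failed: ${verify && verify.Status}`);
  }

  await send(setTotpPreferredRequest(accessToken));
  return { otpauthUri, status: verify.Status };
}

// Constructed offline stand-in for the Cognito client: records the call sequence and
// returns canned responses. The SecretCode is a made-up base32 string.
function makeFakeCognito({ verifyStatus = 'SUCCESS' } = {}) {
  const calls = [];
  return {
    calls,
    send: async (req) => {
      calls.push(req.action);
      switch (req.action) {
        case 'AssociateSoftwareToken': return { SecretCode: 'JBSWY3DPEHPK3PXP' };
        case 'VerifySoftwareToken': return { Status: verifyStatus };
        case 'SetUserMFAPreference': return {};
        default: throw new Error(`unexpected action ${req.action}`);
      }
    },
  };
}

// Drives the enrolment against the fake client with constructed values.
async function demo() {
  const fake = makeFakeCognito();
  const result = await enrolTotp({
    send: fake.send,
    promptForCode: async () => '123456', // constructed: code the user reads off the app
    accessToken: 'ACCESS_TOKEN_PLACEHOLDER',
    issuer: 'ExampleApp',
    account: 'alice@example.com',
    deviceName: 'Google Authenticator',
  });
  return { calls: fake.calls, result };
}
```

In the React frontend, `send` would wrap `CognitoIdentityProviderClient.send` from `@aws-sdk/client-cognito-identity-provider`, mapping each request's `input` onto the matching `AssociateSoftwareTokenCommand`, `VerifySoftwareTokenCommand` and `SetUserMFAPreferenceCommand`; the `accessToken` is the user-pool access token the signed-in user holds.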