Before implementing DUO as IDP for Microsoft Azure AD, we could use Microsoft identity platform to force new authentication with user name and password + optional MFA, setting prompt to login:
https://learn.microsoft.com/en-us/azure/active-directory/develop/msal-js-prompt-behavior
Can you recommend an alternative using DUO to force new authentication in web application?
New authentication is used as digital signature.