I have a use case in Okta (WIC). I want my customers to log in to Okta using only a password. We’re integrating with Kount (a fraud management tool) via a token hook. Based on the response from Kount, we want to challenge the user with MFA using step-up authentication and the ACR value urn:okta:loa:1fa:okta_verify. However, the system is still asking for the password again during authentication. How can we configure this flow to only ask for MFA without requiring the password again? And also, how can we detect if this is the second time the user is being authenticated, as it seems to be causing a loop?
A quick response will be useful