I have setup RSA as multi factor authentication in ADFS 3.0 (windows server 2012 R2). I have 2 "Claims Provider Trust":
1. Active Directory (so I can log in using windows credentials)
2. Thinktecture Identity Server (so users from outside of my domain can log in with provided username/passwords)
When I login to the ADFS using Active Directory as identity provider I am prompted for Security Code (which is the expected behavior). However when I log in using a third party identity provider, I am authenticated and redirected to relying party application. I was expecting that multi-factor authentication would work for all Claims Provider Trusts.
In Multi-Factor authentication global settings specified that MFA is required for both extranet and intranet. Any idea why it does not work for identity provider other than Active Directory.