An application (SharePoint on premise) must be secured with strong authentication.
Presently a bunch of IdPs which do not have any strong authentication mechanism are used to access this application. And there is not any short term possibility to add strong auth on each of these IdPs. Would it be possible to add an extra authentication mechanism such as an OTP by email when the SP of the application receives a valid token from any of these IdPs (assuming the email address is also sent by the IdPs). Has anyone done something similar, and shared it with the community?
Any advices are welcome.