Simple flow where Password is replaced by MFA

Identifier-First --> PingOne MFA

Note: This only works if the User is already enrolled into PingOne MFA (PF doesn't consider the User already authenticated).

Use the Risk-MFA Experience first (remember to trigger the MEDIUM --> MFA step)