Hi folks. This looks great but just a couple of hiccups
1. I tested this on a new user - created a password as part of the new user creation and then a temporary access pass from their AAD option. However, I was still able to sign-in with the original password that was created during the user setup (but I understand ordinally admin wouldn't share that password with them). Will the temp access pass eventually be an option during the user account creation process?
2. When the user does sign-in with temp access pass we are prompted with MFA setup (this is done through CA) but the option presented is only Authenticator app. I was able to skip that my selecting something like "Setup later or skip for now" this allowed me to get to the myaccount portal and add a key from there. This part could be smoother.
Overall this all looks very promising - thanks team.