We have the following scenario, some users have BOX storage accounts and we need to configure a federated link between box and our on premise ADFS environment. This is well documented and standard setup. We would also like to integrate the ADFS with our on Prem Azure MFA server. So when people login they will also be prompted for MFA. But we also want to whitelist our office IP's so they don't have to use MFA, has anybody worked on this scenario ?