Majority of our Macs are not registered in Azure AD. We have had reports of users getting promoted way too often to MFA. We use Jamf Connect. But I noticed in the Azure logs Jamf connect shows single factor authentication most of the time and it’s successful. Anything related to Jamf connect multi factor authentication usually shows as Interrupted. If we deploy Company Portal and the Config profile to register device to Azure AD. Would that help with the prompts that users are getting? I also see there is a SSO plugin that Microsoft shows as in preview. Could that also help? It does need Company Portal to be on the device as well I see.
I doubt your problem is with JAMF Connect. JAMF Connect itself cannot trigger MFA, its your IDP that decides if MFA is needed.
JAMF Connect only talks to your IDP when
I would not recommend considering the Comp Portal unless you needed conditional access for something. The Comp Portal also wont change the behavior of MFA.