MFA only allow initial setup from inside corporate network.
Please allow configuration of initial MFA setup for users so that they can only do initial setup of their MFA from within our corporate network. Also the ability to pre-provision and lock-down their MFA settings (cell phones etc). We need to be able to make sure that not just anyone from outside can do the initial provisioning of a users MFA setup. In case a users password is compromised.
Shawn Pederson commented
Yep, we need this as well.