
WSO2 API Manager (wso2am-2.1.0) - How to implement passwordless authentication using WSO2 APIM and Microsoft Authenticator App?


I'm using wso2am-2.1.0 and I have this use case where the user should be authenticated using the Microsoft Authenticator app. Currently, I have integrated the Microsoft AD as a federated identity provider with SAML SSO at the service provider, and the outbound flow redirection to the Microsoft login page happens just fine. However, the new requirement specifies that the user should be authenticated using just the authenticator app without using the password. I tried to find a specific guide for this in the documentation, but I couldn't find one. Any guide to achieve this use case is highly appreciated. Thanks in advance.


Solution

  • There are no specific configurations to be done at the WSO2 API Manager server to achieve your requirement.

    When Identity Federation is configured, WSO2 API Manager will redirect the login to Microsoft, and it is entirely up to Microsoft to handle the authentication (based on credentials, keys, or apps). Please check if there are any options on the Microsoft login page to use alternate forms of credentials to log in.