2FA (MFA) solutions, Microsoft DirectAccess usage

I am studying how to improve security by adding a 2-factor authentication (aka 2FA or MFA, multiple factor authentication) to the WordPress admin, for which several plugins exist. I also need to find out if users from a company, already logged in to their microsoft network with that “VPN-like” feature, could be recognized as such and be let in the WP backoffice, hence providing a “single sign-on” option for WordPress based on Microsoft DirectAccess. (Kind of a strange pair I know ?? )
Has anybody ever faced this kind of issue? Any solution or hint? I could not find obvious plugins or hacks to work with that DA option.

Thanks, have a nice day.