On apereo cas 6.6 MFA can I check for trusted devices before showing the provider selection screen?

Running CAS 6.6.6 and currently we are using g-auth as our MFA provider along with trusted devices. Looking to add in cas-simple also via the provider selection screen.

I have this working, but we want to amend the user journey so that if a users device is trusted they no longer get presented with the provider selection screen.

Currently it flows:

User login page > provider selection > trusted device check > provide MFA/successful login

When ideally we are looking for:

user login page > trusted device check > (if not trusted) provider selection > provide MFA/successful login

I have made sure trusted devices is turned on for both MFA provider, but looking into the classes on CAS it looks like each MFA provider has its own trusted device implementation, so this might not be possible?

Solution

so this might not be possible?

In CAS 6.6.x, this is not possible without coding.

SSO Integration between 2 webapps using Cognito
Verify Microsoft Access token on my ASP.NET Core Web API
How to set Azure MSAL SSO for my Nextjs14 app using Approuter and next-auth
StackOverflow with Keycloak as login provider returns empty email address
IdentityServer4 and SSO
Spring Boot + Security + MVC + LDAP AD + SSO
Issue with Windows Authentication Type on IIS with Multiple Host Bindings
Generate IDP Certificate in Azure AD for SSO
Disqus SSO, "Your API key is not valid on this domain"
Sign-in With Apple: Possibility To Create Duplicate Account Issue
AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption
MS Graph InteractiveBrowserCredential , Is a Client ID registered in Azure Portal really necessary?
Logout from next-auth with keycloak provider not works
How to validate access token from AzureAD in python?
Outlook SSO NAA in pure JS without node.js
How to create SSO from Liferay to another portal / service?
How to add ForceAuthn flag on AWS cognito
Download file from TeamCity with SSO using bash
Obtain token programatically to go see a page with ASP.NET application
Which is the best sample/approach to start openiddict server to provide logins to wordpress?
No Sustainsys.Saml2 for MVC 3? Are there any alternatives?
Which lib to create an Identity provider to connect to service provider
The page you are looking for cannot be displayed because an invalid method (HTTP verb) is being used
Best way to implement Single-Sign-On with all major providers?
Azure AD token for accessing Graph token
Integration of SSO using MSAL in Angular project gets 401 returned error after login
Simple way to put AWS Lambda app behind SAML authentication
Why wouldn't the IdP initiate contact with the SP in a SAML 2.0 SSO integration?
Log out from SSO kerberos
Getting TypeError: client_secret_basic client authentication method requires a client_secret