Hi. At our company, we've encountered this same issue you're describing here. Our internal customers use Microsoft as an identity provider, but often (though not every time) users are sent to FusionAuth and asked for MFA.
Did you ever find a solution for this, or a lead? My initial thought was that it had something to do with session time, and that a user was trying to log back in while still technically logged into FusionAuth, but so far no amount of adjusting session times has helped, so that might be heading down the wrong road.