MFA with ZPA timeout policy


Dear Expert,

Have customer requirement to have daily MFA for ZPA(vendor access). Learnt that zpa timeout policy doesn’t delete the authentication token when it triggered, user straight away get authenticate after clicking the re-auth button and no MFA was prompted. Customer using Azure AD(premium). How can ZPA achieve the requirements? If only timeout policy will delete the authentication token and my problem will solve…Any advise?