This has been open for a year and just helped me so.... my issue/solution was as follows:
Issue: During MFA configuration/testing, ALL users could not access portal.office.com and were getting the strong authentication required error
As LarryAlexander-1838 explained the below command returned additional auths but should not have:
(run PS as admin)
$ThisRPT="{Your RPT}"
(Get-AdfsRelyingPartyTrust -Name $ThisRPT).AdditionalAuthenticationRules
I confirmed via the GUI, I had the right custom access issuance rules and then ran:
Get-AdfsRelyingPartyTrust $ThisRPT | Set-AdfsRelyingPartyTrust -AdditionalAuthenticationRules $null
This blanked out the additional authentication rules attribute and my users were able to access the RP again.
Note this fixed my problem and my not fix yours.