Add new SSO management profile for TOTP input screen

policies/totp/policy/TrustFrameworkExtensions_TOTP.xml

@@ -332,7 +332,7 @@
           </OutputClaims>
         </TechnicalProfile>
 
-        <!-- TOTP session manager-->
+        <!-- TOTP session manager for verification-->
         <TechnicalProfile Id="SM-MFA-TOTP">
           <DisplayName>Session Mananagement Provider</DisplayName>
           <Protocol Name="Proprietary" Handler="Web.TPEngine.SSO.DefaultSSOSessionProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
@@ -342,6 +342,16 @@
           </PersistedClaims>
         </TechnicalProfile>
 
+        <!-- TOTP session manager for input-->
+        <TechnicalProfile Id="SM-MFA-Totp-Input">
+          <DisplayName>Session Mananagement Provider</DisplayName>
+          <Protocol Name="Proprietary" Handler="Web.TPEngine.SSO.DefaultSSOSessionProvider, Web.TPEngine, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null" />
+          <PersistedClaims>
+            <PersistedClaim ClaimTypeReferenceId="totpIdentifier" />
+            <PersistedClaim ClaimTypeReferenceId="issuer" />
+          </PersistedClaims>
+        </TechnicalProfile>
+
         <!-- Self-asserted technical profile that asks the user to enroll to the TOTP MFA. The technical profile:
               1) Creates the TOTP secret
               2) Sets the issuer name and the URI
@@ -377,7 +387,7 @@
             <OutputClaim ClaimTypeReferenceId="objectId" />
             <OutputClaim ClaimTypeReferenceId="secretKey" />
           </OutputClaims>
-          <UseTechnicalProfileForSessionManagement ReferenceId="SM-MFA-TOTP" />
+          <UseTechnicalProfileForSessionManagement ReferenceId="SM-MFA-Totp-Input" />
         </TechnicalProfile>
 
         <!-- Self-asserted technical profile that verifies the TOTP-->