
nj0t4 (nj0t4) asked a question.
Hello, we've been using a simple flow for auth in our app: sending a POST request to the `/token` route with credentials and receiving an access token (used in the Authorization header).
Recently, we've got a requirement to implement MFA, but the existing flow doesn't support it.
So, currently, the flow seems to be the following:
- Initially, a "Native app" needs to be created in Okta admin with a redirect URL, e.g. "com.app:/callback".
During the auth process:
- Send a POST request to `/api/v1/authn` and follow the flow until a Session Token is received in the response (enrolling for MFA, activating MFA etc.).
- Send a GET request to the "/authorize" route with the session_id received from the previous step and the "redirect_url=com.app:/callback".
- The app should register a handler to handle deep linking in the app so the redirect will be handled in the app when the server redirects to the "com.app:/callback" after a successful response.
- Use the received access token to authenticate in the services.
Is this a correct flow for us?
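
Added example (not part of the original post and not Okta's code): the `/authorize` request and the deep-link handler from the steps above, sketched in Python using the authorization code flow with PKCE, which the post does not mention. `OKTA_BASE` and `CLIENT_ID` are placeholders, and the `/oauth2/v1/authorize` path and `sessionToken` parameter assume Okta's org authorization server.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumptions: placeholder org URL and client ID; the redirect URI is from the post.
OKTA_BASE = "https://example.okta.com"
CLIENT_ID = "PLACEHOLDER_CLIENT_ID"
REDIRECT_URI = "com.app:/callback"

def b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def new_pkce_pair():
    """Return (code_verifier, code_challenge) for the S256 method (RFC 7636)."""
    verifier = b64url(secrets.token_bytes(32))
    return verifier, b64url(hashlib.sha256(verifier.encode("ascii")).digest())

def build_authorize_url(session_token, state, challenge):
    """URL the app opens once /api/v1/authn has returned a session token."""
    params = {
        "client_id": CLIENT_ID,
        "response_type": "code",
        "scope": "openid",
        "redirect_uri": REDIRECT_URI,
        "state": state,                    # random per request, kept by the app
        "code_challenge": challenge,
        "code_challenge_method": "S256",
        "sessionToken": session_token,     # one-time token from the MFA flow
    }
    return f"{OKTA_BASE}/oauth2/v1/authorize?{urlencode(params)}"

def handle_callback(uri, expected_state):
    """Validate the deep link before trusting it; return the authorization code."""
    parts = urlsplit(uri)
    if parts.netloc or f"{parts.scheme}:{parts.path}" != REDIRECT_URI:
        raise ValueError("callback is not the registered redirect URI")
    query = parse_qs(parts.query)
    if "error" in query:
        raise ValueError(f"authorization error: {query['error'][0]}")
    state = query.get("state", [""])[0]
    # Constant-time compare; a mismatch means this app did not start the request.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    code = query.get("code", [""])[0]
    if not code:
        raise ValueError("no authorization code in callback")
    return code
```

The returned code is then exchanged, together with the stored verifier, at the token endpoint for the access token used in the final step.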

Hello @nj0t4 (nj0t4),
Feel free to post this question on our Okta Developer Forums: https://devforum.okta.com, and they should be able to help you with this.
Thanks!
Tim
Okta Inc.