Hmm this is a little strange. So just to confirm, `app a` and `app b` are both pointing at the same Gluu Server for SSO?
In your oxTrust configuration, what do you have the `default_acr` field set to?
If it's set to Super Gluu, both apps should get Super Gluu authentication.
You should only have to enroll a device one time per user, per Gluu Server.
So in your scenario, if you are using the same user, and the same device, you should only have to enroll the device during the first authentication attempt, in your case `app a`.
Assuming the apps are pointed at the same Gluu Server, you're using the same user, and both apps are getting Super Gluu authentication, you should get a push notification for all authentication attempts post enrollment.