I am trying to resolve Forgot Password with a custom process. The current authentication api for Forgot Password with Email Factor is simply sending an email with link for user to reset. This is misleading first as the API isnt using a factor. When using the Forgot Password with SMS Factor this works seamlessly with our custom process and maintains security without needing an apikey clientside to make any calls.
I am hoping there is something I am missing as I have read posts from 3 years ago with this very issue that were never resolved.
If not currently resolved. Would Okta be able to add an additional API under Forgot Password/Self-Service Unlock with passing a code via email instead of using the token link with redirect that currently is being triggered?