Our users will be stored in Okta and we’re looking to incorporate Okta sign-in widget for authentication and mfa challenge. It’s my understanding a consuming system isn’t able to tell Okta when to trigger mfa on the widget. However, is Okta able to trigger mfa on the widget if the user account is in Okta and the password was just reset? Does it matter if the password reset happened through api calls? If so, how is that enabled?
Since I haven’t heard back, I’m assuming this functionality doesn’t exist and I’ve submitted the suggestion as a feature request.
Password reset flow does not trigger MFA, only security question. If you would like to integrate this in a custom sign-in widget, you can use the details available here.
We have moved this topic to the feature requests category in order for our engineering team to review it and consider the functionality in a future release.