Enable Multi factor athentication for Desktop Password reset


In our existing system, We have SailPoint as service provider and Okta as IDP for SailPoint login. We have installed desktop password reset and it is working fine.

There are two scenarios

We want to enable MFA for password reset so in IDN admin console went to Identity->Identity Profile → Okta , checked Enable Two-Factor Authentication and Mask Phone Numbers(Recommended). Here in directory for authentication given Active Directory. This is showing error please contact administrator . No logs generated at DPR and ccg.

  1. We are getting authentication screen from SailPoint when we don’t Enable Two-Factor Authentication and Mask Phone Numbers(Recommended). We didnt change dircetory to Active directory and its still in Okta. Here we are getting SailPoint two factor authentication screen as attached screenshot and able to change password.

https://sailpoint url/passwordreset this link is not giving any authentication screen? Does this get authentication screen?

Please let me know

In this scenario if I want to enable MFA okta push / okta verify does this work? Any api link or configuration changes through postman?