when I try to open sailpoint iiq I am getting an error has anyone faced the same issue? Please help me
Hi @hs25102025
Can you add more details related to your request? Are you using RFA/DUO/Custom MFA Solution in your case?
From the error message, it looks like you are missing a form. For DUO and RFA, form is included part of OOTB files workflow_MultiFactor_DUO.xml or workflow_MultiFactor_RFA.xml.
But if its a custom MFA method, it needs to validated if the Form is properly imported.
Yesterday I tried to configure MFA Duo first I imported it and selected MFA Duo in the configuration then I selected the population as everyone after that whenever I try to open it it is asking this form
Hi @hs25102025 ,
Could you please check your workgroup “SelfRegistrationWorkGroup” is present or not. If present please share your workgroup xml.
I can’t check anything because I’m getting this error right after entering my username and password can’t see anything after this
Hi @hs25102025
This happens because Duo MFA was enabled for “Everyone” but the MFA workflow is calling a Form that isn’t imported, so login fails right after username/password.
Fix: re-import the OOTB Duo MFA workflow from WEB-INF/config/workflow_MultiFactor_DUO.xml using the IdentityIQ console (iiq console → import workflow_MultiFactor_DUO.xml), then restart Tomcat and try again.
After recovery, enable Duo MFA for a small pilot population first (keep a break-glass admin outside the MFA population).
Hello @hs25102025 If MFA is enabled and set for everyone, the login form will prompt all users. I faced this issue earlier. At first, I redeployed the WAR file and lost the data, but there is a better approach.
If you have database access, you can check the spt_configuration table and look for the field named MFAConfiguration. Update the value by changing enabled="true" to enabled="false" using a database query.
For example, if you are using MySQL, run the following query:
UPDATE spt_configuration
SET attributes = REPLACE(attributes, 'enabled="true"', 'enabled="false"')
WHERE name = 'MFAConfiguration';
This will disable MFA. After that, you can reconfigure MFA for a few identities first using a QuickLink or a population. Once it works as expected, you can then enable it for everyone.
Thanks,
Raju 