User MFA Factor Reset All

Trigger a flow when all of a user's multifactor authentication (MFA) factors are reset in Okta.

This operation uses the user.mfa.factor.reset_all Okta event.

To trigger this event card, you can reset all factors through the Admin Console or use an API call. See Reset Factors.

Compatibility

The User MFA Factor Reset All card only works for orgs using Okta Classic Engine.

To process an MFA reset all event for orgs using Okta Identity Engine, you must use the User MFA Factor Deactivated event card.

For each MFA factor, a reset event triggers the flow three times, once for each internal event:

  • User reset SIGNED_NONCE factor

  • User reset OKTA_VERIFY_PUSH factor

  • User reset OKTA_SOFT_TOKEN factor

Scopes

See Event cards for the list of required OAuth scopes needed by this card.

Output

Field Definition Type

Date and Time

The date and time when the event was triggered in the Okta API.

Text

Message

Any message details about the event.

Text

Event ID

Unique identifier of the event.

Text

Event Type

Type of event that was published.

Text

Event Time

Timestamp when the notification was delivered to the service.

Text

Version

Versioning indicator.

Text

Admin

Okta admin who enrolled the user in MFA.

Object

ID

ID of the Okta admin who enrolled the user in MFA.

Text

Alternate ID

Email address of the Okta admin.

Text

Display Name

Display name of the Okta admin.

Text

Type

Type of Okta admin who enrolled the user in MFA.

Text

Okta User

The Okta user whose MFA factors were reset.

Object

ID

The unique identifier of the Okta user.

Text

Alternate ID

Email address of the Okta user.

Text

Display Name

Display name of the Okta user.

Text

UUID

The universal unique identifier of the webhook event.

Text

Event Details

The raw JSON payload returned from the Okta API for this particular event.

Object

Headers

An object that represents the headers for the response.

Each key of the header is parsed into a header string as a key and value pair, for example, Content-Type: text/plain.

Object

Source

The source of any user-specific data.

Object

Debug Context

Debug Data

Information on the triggered event that you can use for debugging.

For example, returned data can include a URI, an SMS provider, or a transaction ID.

Object

While you can create more user or group fields for an Okta event, the Okta API only returns values for four fields: ID, Alternate ID, Display Name, and Type.

No other fields are supported for users or groups, and this event card doesn't return data from such fields.

Trigger a flow with this card

To trigger a flow, you must create a test user account in a test or development org and assign a super admin role to that user. Don't use your own account to complete the following steps:

  1. Sign in to the Admin Console using a test account.

  2. In the Admin Console, go to SecurityMultifactor.

  3. Verify that at least one factor is active. This page indicates active factors with green check marks.

  4. In the upper-right corner of the Admin Console, click the dropdown menu for your account, and then click My settings.

  5. In the Extra Verification section, confirm that at least one factor is already configured.

  6. Sign out of the test account, and sign in using your regular admin account.

  7. In the Admin Console, go to DirectoryPeople.

  8. In the Search field, search for the name associated with the test account. Click the test account's username.

  9. On the profile page for the test account, use the More Actions dropdown menu to select Reset Multifactor.

  10. In the confirmation dialog, click Reset All.

Resetting all MFA factors triggers any flow that uses the User MFA Factor Reset All event card.

Related topics

Okta Devices connector

Okta Devices API

Device lifecycle

Cards in flows