Hello, we'd like to disable email as an option for password reset... as the user is locked out, they can't get to email, and company policy prohibits company info (like the password reset link) from going to an outside account. Is there a config for removing email as a password reset option?
Unfortunately the email can't be disabled as an option for the password reset flow. A feature request has already been submitted with this ideea. https://support.okta.com/help/ideas/viewIdea.apexp?id=0872A000000XbbpQAC
If you have the Secondary email address enabled for your tenant to allow users to add their personal email addresses and the Primary email address is an internal account, you can disable the secondary email address as an administrator (if this is not used in your environment) to ensure that the password reset email does not go to an outside account. You can disable the secondary email by going to your Admin dashboard>Settings>Customization>Optional User Account Fields>Secondary Email.
Thank you, Vlad Ivascu Technical Support Engineer Okta Global Customer Care