User initiates password reset by entering their login name.
Password Reset application searches the user account from the password method's directory using the given login name.
- If account is found, password reset initiates authentication using Unregistered SMTP OTP or Unregistered SMS OTP method in SSO.
User receives a One-Time-Password (via email or SMS, depending on which OTP method was used).
User enters the received OTP in the Password Reset application.
Password Reset application validates the OTP.
- If the OTP is correct, user then is allowed reset their password

Clustered Environment with Password Reset

Password reset can be used in a clustered configuration, when the following requirements are met:

Reverse proxy must use sticky-sessions mode, so that all requests during a user's password reset session are directed to a single node in the cluster.
SSO server nodes must use REDIS. See Cluster installation - SSO v8.3

Distinction of Password and Password Reset

...