...
The second factor method here can be any of
Note that prior to SSO 9.1.0 it was possible to use only password as the first factor method.
Prerequisite
SAML method or OpenID Connect method to be used as the first factor method.
OTP Printout, TOTP, SMS OTP or OpenID Connect CIBA method to be used as the second factor method.
Management API - SSO enabled to be able to link second factor method to first factor method.
...