SAML SSO support (including Okta) is indeed a work in progress.
As a nice side effect, we’ll add an option to enable/disable authentication methods per workspace. So you’ll be free to turn off email and Microsoft auth leaving only Google active, for example. Turn on 2FA in your Google org – and you’ll have de-facto 2FA in Fibery.
This is not a native 2FA but we hope it’s a start 
@Chr1sG, do you think this would work for you?