Kofax TotalAgility - Enable Federated security using OKTA

Question / Problem: 

When attempting to log into KTA with Federated Security enabled, 
The user is presented with this message:

Answer / Solution: 

When using the OKTA service provider, this issue is caused by an invalid configuration within OKTA itself,

Within the Application settings in OKTA,
The checkbox 'Allow this app to request other SSO URLs' should be checked:


The Requestable SSO URL is https://<<servername>>/TotalAgility/FederatedLogin.aspx

The Audience URI should be:
https://<<servername>>/Agility.Server.Web

Working configuration:

Applies to: