Sophos Central Federation with Okta

Following the documentation via the link below, I have successfully configured Okta as an Identity Provider for Sophos Central. I can log in successfully via the Sophos app by entering my email address, selecting the SSO button, but have run into a couple of issues.

1. I cannot successfully log in to Sophos when it is initiated from the Okta portal. I surmise this has something to do the having the correct URIs. The only URI specified in the Sophos Central configuration is https://federation.sophos.com/login/callback. What URIs should be used for Sign-in, Sign-out, and the Initiate login URI?

2. When logging in with Okta, even though we have MFA setup for the application, I am still prompted for a 6 digit code sent via email from Sophos Central.