doxy.me

To set up SSO with doxy.me, you'll need to create a new Application within the Okta admin dashboard. Any users signing into doxy.me will need to have assigned access to this application, and will have to authenticate from your clinic sign-in page which will appear similar to [<a href="https://subdomain.doxy.me/sign-in" rel="nofollow noopener noreferrer" target="_blank">https://subdomain.doxy.me/sign-in</a>] (be sure to replace subdomain with your actual clinic subdomain).

Not using Okta for SSO? See our guides for integrating <a href="https://help.doxy.me/en/articles/4919544-single-sign-on-azure">Azure</a> or <a href="https://help.doxy.me/en/articles/5654076-single-sign-on-auth0-sso">Auth0</a>.

From the Applications tab, select Create App Integration and enable SAML 2.0 as the Sign-on method.

Go to your new Application page and switch to the General tab.

Select Edit within your SAML Settings to update the configuration.

Set an App name and App logo.

Check both options next to App visibility

- Do not display application icon to users
- Do not display application icon in the Okta Mobile app

1. Go to your new Application page and switch to the General tab.
2. Select Edit within your SAML Settings to update the configuration.
3. Set an App name and App logo.
4. Check both options next to App visibility
 - Do not display application icon to users
 - Do not display application icon in the Okta Mobile app
5. Select Next.

Within SAML Settings, enter the below URL as your Single sign on URL

- <a href="https://api.doxy.me/auth/institution/SAML2/callback?institutionId=XXXX" rel="nofollow noopener noreferrer" target="_blank">https://api.doxy.me/auth/institution/SAML2/callback?institutionId=XXXX</a>

Select the checkbox below to Use this for Recipient URL and Destination URL

Set the below URL as your Audience URI (SP Entity ID)

- <a href="https://api.doxy.me/auth/institution/SAML2" rel="nofollow noopener noreferrer" target="_blank">https://api.doxy.me/auth/institution/SAML2</a>

Point the Default RelayState to your clinic dashboard URL

- <a href="https://subdomain.doxy.me/account/dashboard" rel="nofollow noopener noreferrer" target="_blank">https://subdomain.doxy.me/account/dashboard</a>

Set the Name ID format to EmailAddress

Within Attribute Statements, set the Name to email with an Unspecified format and value of user.email

1. Within SAML Settings, enter the below URL as your Single sign on URL
 - <a href="https://api.doxy.me/auth/institution/SAML2/callback?institutionId=XXXX" rel="nofollow noopener noreferrer" target="_blank">https://api.doxy.me/auth/institution/SAML2/callback?institutionId=XXXX</a>
2. Select the checkbox below to Use this for Recipient URL and Destination URL
3. Set the below URL as your Audience URI (SP Entity ID)
 - <a href="https://api.doxy.me/auth/institution/SAML2" rel="nofollow noopener noreferrer" target="_blank">https://api.doxy.me/auth/institution/SAML2</a>
4. Point the Default RelayState to your clinic dashboard URL
 - <a href="https://subdomain.doxy.me/account/dashboard" rel="nofollow noopener noreferrer" target="_blank">https://subdomain.doxy.me/account/dashboard</a>
5. Set the Name ID format to EmailAddress
6. Within Attribute Statements, set the Name to email with an Unspecified format and value of user.email

___________________________________________________________

Switch to the Sign On tab within the Application page and select View Setup Instructions.

A few things your CSM or support representative will need from the Configuration page:

Identity Provider Single Sign-On URL

Downloaded copy of the X.509 Certificate

- Identity Provider Single Sign-On URL
- Downloaded copy of the X.509 Certificate

With JIT enabled, you can create and assign new users to your doxy.me app without needing to manually invite or create doxy.me accounts first. Once an assigned new user authenticates, they'll be prompted to finish setting up their account by selecting a room name before being taken to the dashboard.

To remove a clinic user or seat, an account admin will still need to manage that from Account Settings / Clinic Settings / Manage Users.

- To remove a clinic user or seat, an account admin will still need to manage that from Account Settings / Clinic Settings / Manage Users.

Once enabled, SSO will replace the traditional sign-in methods for your clinic.

When logging in, users will need to authenticate from their clinic login page rather than an external app dashboard in most cases.

Existing users can always log in using email/password by going to <a href="https://doxy.me/sign-in" rel="nofollow noopener noreferrer" target="_blank">https://doxy.me/sign-in</a> and will see an optional redirect to their clinic dashboard.

- Once enabled, SSO will replace the traditional sign-in methods for your clinic.
- When logging in, users will need to authenticate from their clinic login page rather than an external app dashboard in most cases.
- Existing users can always log in using email/password by going to <a href="https://doxy.me/sign-in" rel="nofollow noopener noreferrer" target="_blank">https://doxy.me/sign-in</a> and will see an optional redirect to their clinic dashboard.

If you have any questions or would like assistance with configuration, please contact your CSM or chat with our <a href="https://help.doxy.me/en/articles/2420538-how-do-i-contact-support">support team</a> 🙂

Setup

Configuration

JIT (Just-In-Time provisioning)