To set up SSO with doxy.me, you'll need to create a new Application within the Okta admin dashboard. Any users signing into doxy.me will need to have assigned access to this application, and will have to authenticate from your clinic sign-in page which will appear similar to [https://subdomain.doxy.me/sign-in] (be sure to replace subdomain with your actual clinic subdomain).
Setup
From the Applications tab, select Create App Integration and enable SAML 2.0 as the Sign-on method.
Go to your new Application page and switch to the General tab.
Select Edit within your SAML Settings to update the configuration.
Set an App name and App logo.
Check both options next to App visibility
Do not display application icon to users
Do not display application icon in the Okta Mobile app
Select Next.
Configuration
Within SAML Settings, enter the below URL as your Single sign on URL
Select the checkbox below to Use this for Recipient URL and Destination URL
Set the below URL as your Audience URI (SP Entity ID)
Point the Default RelayState to your clinic dashboard URL
Set the Name ID format to EmailAddress
Within Attribute Statements, set the Name to email with an Unspecified format and value of user.email
Select Next and Finish.
Switch to the Sign On tab within the Application page and select View Setup Instructions.
A few things your CSM or support representative will need from the Configuration page:
Identity Provider Single Sign-On URL
Downloaded copy of the X.509 Certificate
JIT (Just-In-Time provisioning)
With JIT enabled, you can create and assign new users to your doxy.me app without needing to manually invite or create doxy.me accounts first. Once an assigned new user authenticates, they'll be prompted to finish setting up their account by selecting a room name before being taken to the dashboard.
To remove a clinic user or seat, an account admin will still need to manage that from Account Settings / Clinic Settings / Manage Users.
A few things to note:
Once enabled, SSO will replace the traditional sign-in methods for your clinic.
When logging in, users will need to authenticate from their clinic login page rather than an external app dashboard in most cases.
Existing users can always log in using email/password by going to https://doxy.me/sign-in and will see an optional redirect to their clinic dashboard.
If you have any questions or would like assistance with configuration, please contact your CSM or chat with our support team 🙂