- Go to your company's Okta admin panel
- Go to Applications > Applications
- Click "Create App Integration"
- Select SAML 2.0
- Fill in general settings, then go to step 2 - “Configure SAML”
- Enter the following fields:
- Under "SAML Settings"
Single sign-on URL: https://sso-connect.doximity.com/auth/saml/organization_identifier** organization_identifier to be provided by Doximity Audience URI (SP Entity ID) https://sso-connect.doximity.com Relay State For Amion application:{"redirect_to":"https://www.amion.com/organizations"}For Dialer application:{"redirect_to":"https://www.doximity.com/dialer/home"} - Under "Attribute Statements (optional)", create or edit:
Name Name Format (optional) Value email Unspecified user.email first_name Unspecified user.firstName last_name Unspecified user.lastName name Unspecified user.Login jobTitle Unspecified user.Title
- Under "SAML Settings"
- Skip “Group Attribute Statements” and the preview. Click next to continue.
- On "Help Okta Support understand how you configured this application", select "I'm an Okta customer adding an internal app", and select "This is an internal app that we have created".
- Once created, under the "Sign On" tab, copy the link for the "Identity Provider metadata" (under the "View Setup Instructions" button). Either open it and copy the URL, or right click and copy the link.
- With the metadata URL at hand, please let your Doximity contact know so we can continue with the setup process. We'll need that URL to complete setting your identity provider up on our side.
Setup Instructions for User Provisioning on Okta
- Go to your company's Okta admin panel
- Go to Applications > Applications
- Use the search bar to find the Doximity application
- Click to edit the App settings, change the option “Provisioning” to “SCIM” then click “Save”
- Go to the “Provisioning” Tab and click to “Edit” the SCIM Connection
- Enter the following fields:
- SCIM connection base URL
- Production: https://sso-connect.doximity.com/scim_v2
- Sandbox (optional): https://sso-connect.partners.doximity-staging.services/scim_v2
- Unique identifier field for users: userName
- Supported provisioning actions: check “Push New Users” and “Push Profile Updates”
- Authentication Mode: HTTP Header
- Authorization: paste the API Token provided by Doximity
- SCIM connection base URL
- Click “Test Connection Configuration” to make sure everything is working properly, then hit “Save”
- On the left-hand side menu, click the “To App” option
- Click the “Edit” button on the “Provisioning to App” section, enable the following options and hit “Save”:
- Create Users
- Update User Attributes
- Deactivate Users
- Click the “Force Sync” under the “Doximity Attribute Mappings” section to trigger the provisioning
Miscellaneous Notes
- Groups and roles: Doximity, and it’s products Dialer and Amion, are enterprise-wide products used across your organization by both clinical (e.g. MD, DO, RN), support clinical staff (e.g. social worker, care coordinator, scheduling) and non-clinical staff (e.g. IT). Please include all groups that will cover all relevant users above. To simplify group maintenance, Doximity recommends using dynamic rules to manage your groups. For more information, please see this Okta support page.
- Encrypted SAML Assertions: Please let Doximity know if your IDP requires encrypted SAML Assertions so we can complete additional set-up on vendor-side.