How can we help?

1. Go to your company's Okta admin panel
2. Go to Applications > Applications
3. Click "Create App Integration"
4. Select SAML 2.0
5. Fill in general settings, then go to step 2 - “Configure SAML”
6. Enter the following fields:
   • Under "SAML Settings"

     Single sign-on URL:	https://sso-connect.doximity.com/auth/saml/organization_identifier** organization_identifier to be provided by Doximity
     Audience URI (SP Entity ID)	https://sso-connect.doximity.com
     Relay State	For Amion application:{"redirect_to":"https://www.amion.com/organizations"}For Dialer application:{"redirect_to":"https://www.doximity.com/dialer/home"}

   • Under "Attribute Statements (optional)", create or edit:

     Name	Name Format (optional)	Value
     email	Unspecified	user.email
     first_name	Unspecified	user.firstName
     last_name	Unspecified	user.lastName
     name	Unspecified	user.Login
     jobTitle	Unspecified	user.Title

7. Skip “Group Attribute Statements” and the preview. Click next to continue. 
8. On "Help Okta Support understand how you configured this application", select "I'm an Okta customer adding an internal app", and select "This is an internal app that we have created".

9. Once created, under the "Sign On" tab, copy the link for the "Identity Provider metadata" (under the "View Setup Instructions" button). Either open it and copy the URL, or right click and copy the link.

9. Please send the metadata URL to your Doximity contact so we can continue with the setup process. We'll need that URL to complete setting your identity provider up on our side.

Setup Instructions for User Provisioning on Okta

1. Before starting these steps, please send a confidential/encrypted email to your Doximity resource to receive the Provisioning API token needed for Step 7.
2. Go to your company's Okta admin panel
3. Go to Applications > Applications
4. Use the search bar to find the Doximity application
5. Click to edit the App settings, change the option “Provisioning” to “SCIM” then click “Save”
   
6. Go to the “Provisioning” Tab and click to “Edit” the SCIM Connection
   
7. Enter the following fields:
   1. SCIM connection base URL
      1. Production: https://sso-connect.doximity.com/scim_v2
      2. Sandbox (optional): https://sso-connect.partners.doximity-staging.services/scim_v2
   2. Unique identifier field for users: userName
   3. Supported provisioning actions: check “Push New Users” and “Push Profile Updates”
   4. Authentication Mode: HTTP Header
   5. Authorization: paste the API Token provided by Doximity
8. Click “Test Connection Configuration” to make sure everything is working properly, then hit “Save”
   
9. On the left-hand side menu, click the “To App” option
   
10. Click the “Edit” button on the “Provisioning to App” section, enable the following options and hit “Save”:
    • Create Users
    • Update User Attributes
    • Deactivate Users
11. Click the “Force Sync” under the “Doximity Attribute Mappings” section to trigger the provisioning

Miscellaneous Notes

1. Groups and roles: Doximity, and its products Dialer and Amion, are enterprise-wide products used across your organization by both clinical (e.g. MD, DO, RN), support clinical staff (e.g. social worker, care coordinator, scheduling) and non-clinical staff (e.g. IT). Please include all groups that will cover all relevant users above. To simplify group maintenance, Doximity recommends using dynamic rules to manage your groups. For more information, please see this Okta support page.  
2. Encrypted SAML Assertions: Please let Doximity know if your IDP requires encrypted SAML Assertions so we can complete additional set-up on vendor-side.