This guide will help you connect your Doozy app to Okta using SAML. Follow the steps below to configure the integration.

Prerequisites

  • Access to your Okta admin dashboard.
  • The following details from Doozy:
    • Entity ID: https://doozy.live
    • ACS URL: https://doozy.live/__/auth/handler

Step 1: Create a New SAML App in Okta

  1. Log in to your Okta admin dashboard.
  2. Navigate to Applications > Applications.
  3. Click Create App Integration.
  4. Select SAML 2.0 and click Next.

Step 2: Configure SAML Settings

In the General Settings:
  1. App name: Enter a name for your app, e.g., “Doozy”.
  2. (Optional) Upload a logo and set visibility options.
Click Next to proceed.

SAML Settings

In the SAML Settings:
  1. Single sign-on URL:
    • URL: Enter https://doozy.live/__/auth/handler
    • Request Binding: Ensure “HTTP-POST” is selected.
  2. Audience URI (SP Entity ID):
    • URI: Enter https://doozy.live

Attribute Statements (Optional)

  1. Click Add Another to add a new attribute statement.
    • Name: Name ID
    • Name format: urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
    • Value: user.email
Click Next to continue.

Step 3: Configure Feedback

  1. Choose the option that best describes your needs and click Finish.

Step 4: Assign People to the Application

  1. Click Assignments and assign users or groups to the Doozy app.

Step 5: Retrieve Okta SAML Details

Once the application is created, you’ll need to retrieve the following details from Okta:
  1. Entity ID: Found under the “Sign On” tab. Example: 
    http://www.okta.com/12345931283hu23in1
  2. SSO URL: Also found under the “Sign On” tab. Example: 
    https://<your-okta-domain>/app/doozy/abcd1234/sso/saml
  3. Certificate: Download the certificate from the “Sign On” tab under “View SAML setup instructions.”

Step 6: Configure SAML in Doozy

  1. Navigate to the Doozy Security Settings.
  2. In the SAML configuration section, enter the following values:
    • Entity ID: https://doozy.live
    • ACS URL: https://doozy.live/__/auth/handler
    • Okta Entity ID: (Use the Entity ID retrieved from Okta)
    • SSO URL: (Use the SSO URL retrieved from Okta)
    • Certificate: (Paste the content of the certificate retrieved from Okta)\
    • Domains: Add the domains that users can log in with. This restricts access to users with email addresses from these domains.
  3. Map the Name ID to Email.

Step 7: Test the Integration

  1. Log out of Doozy.
  2. Try to log in using Okta SSO to verify the configuration.
If you encounter any issues, please refer to Okta’s documentation or contact support.