Configure Hyperdrive to integrate with Okta

You can configure Hyperdrive to integrate with Okta in cooperation with your Epic Technical Services representative. In this task, you create an Authentication Device and configure Epic to use that new device.

Before you begin

Gather the following information and give it to your Epic Technical Services representative. They use this information to create an Epic Authentication Device for use with the Okta Hyperdrive agent.

  • Platforms: Hyperdrive Web, Full Client.
  • ProgID: Okta-specific identifier, typically OktaHyperdriveLoginDevice.OktaMFADevice.
  • SAML Issuer:
    • The SAML Issuer must be "OKTA", and it must be unique across E0G records.
    • The SAML Issuer can't be reused in other E0G records.
  • SAML Key File: This is the location of the Okta certificate in the Epic Hyperdrive environment. Okta gives it to Epic, who place it in operational database servers.

Create an Epic Authentication device

The following steps are typically performed by Epic Technical Services and are provided here for reference purposes only.

  1. Open the Chronicles app.
  2. Access the Authentication Devices (E0G) primary file.
  3. Go to Enter DataCreate/Edit Device.
  4. Enter the following information:
    • Device name: Enter a device name.
    • ID: Enter an ID value of 100000 or greater.
    • In the General Settings screen, configure these options:
      • Platform: Select 1-Desktop.
      • Description: Optional. Enter a description.
      • ProgID: Enter OktaHyperdriveLoginDevice.OktaMFADevice.
  5. Save the new authentication device.

Determine whether an Authentication Configuration Record is defined

  1. Go to d ^%ZeUSTBLHyperdriveMiscellaneous Security Settings.
  2. Examine the results.
  3. If an Authentication Configuration record doesn't exist, perform these steps:
    1. Go to d ^ee0aEnter DataCreate Configuration.
    2. Enter the following information:
      • ID: Enter a unique ID.
      • Name: Enter a unique name.
      • Config Type: Enter Authentication Device Settings.
    3. Save the new Authentication Configuration record.
    4. Enter the name of your Authentication Configuration record into the Authentication Configuration Record field for newly added Authentication Device.
  4. Save the changes and exit the Chronicles app.

Configure Epic Hyperdrive to use the added authentication device

Work with Epic Technical Services to create Authentication Device Rules with the Hyperspace Authentication Administration activity.

The following steps are typically performed by Epic Technical Services and are provided here for reference purposes only.

  1. Open the Hyperdrive app.
  2. Go to EditAdminAccess ManagementAuthentication Administration.
  3. Click Accept to accept the active record. This record should be the Authentication Configuration record that was previously created or verified.
  4. Select the desired configuration level of System, Service Area, Workstation, and others.
  5. In the Context field, enter E-Prescribing Controlled Medications - First Context.
  6. Set the Default Login as the first authentication method users should to be prompted with as Primary Device.
  7. Select the authentication method for the user's primary device. Most orgs choose Default Login for the first method.
  8. In the Context field, enter E-Prescribing Controlled Medications - Second Context.
  9. Set the Primary Device as Okta.
  10. Click Accept.
  11. Restart Hyperdrive to implement your changes.

Next steps

Test user login process