Configure Hyperdrive to integrate with Okta

During this task we create an Authentication Device and configure Epic to use that new device.

  1. Prepare
    Determine the following values and provide to yourEpic technical services representative to create an Epic Authentication Device for use with the Okta Hyperdrive agent.
    • Platforms: Hyperdrive Web, Full Client.
    • ProgID: Okta-specific identifier, typically OktaHyperdriveLoginDevice.OktaMFADevice. Used in the following step.
    • SAML Issuer:
      • Must be unique across E0G records.
      • Cannot be reused in other E0G records.
    • SAML Key File: Provided by Okta to Epic for placement in operational database servers.
  2. Create an Epic Authentication device

    The following steps are reference only and typically performed by Epic Technical services.

    1. Open the Chronicles app.
    2. Access the Authentication Devices (E0G) primary file.
    3. Go to Enter Data > Create/Edit Device.
    4. Enter the following:
      • Device name — Enter a device name.
      • ID — Enter an ID value of 100000 or greater.
      • In the General Settings screen:
        • Platform — Select 1-Desktop.
        • Description — [Optional] Enter an description.
        • ProgID - Enter OktaHyperdriveLoginDevice.OktaMFADevice.
      1. Save the new authentication device.
    5. Determine whether an Authentication Configuration Record is defined:
      1. Go to d ^%ZeUSTBL > Hyperdrive > Miscellaneous Security Settings.
      2. Examine the results.
    6. If an Authentication Configuration record doesn't exist.
      1. Go to d ^e > e0a > Enter Data > Create Configuration.
      2. Enter the following:
        • ID — Enter er a unique ID.
        • Name — Enter a unique name.
        • Config Type — enter Authentication Device Settings.
      3. Save the new Authentication Configuration record.
      4. Enter the name of your Authentication Configuration record into the Authentication Configuration Record field for newly added Authentication Device.
    7. Save changes and exit Chronicles.
  3. Configure Epic Hyperdrive to use the added authentication device

    Work with Epic technical services to create Authentication Device Rules with the Hyperspace Authentication Administration activity.

    The following steps are reference only and typically performed by Epic Technical services.

    1. Open the Hyperdrive app
    2. Go to Edit > Admin > Access Management > Authentication Administration.
    3. Click Accept to accept the active record.
      This record should be the Authentication Configuration record that was previously created or verified..
    4. Select the desired configuration level of System, Service Area, Workstation, and others.
    5. In the Context field, enter E-Prescribing Controlled Medications - First Context.
    6. Set the Default Login as the first authentication method users should to be prompted with as Primary Device.
    7. Select the authentication method for the user's primary device. Most orgs choose Default Login for the first method.
    8. In the Context field, enter E-Prescribing Controlled Medications - Second Context.
    9. Set Okta to be the Primary Device.
    10. Click Accept.
    11. Restart Hyperdrive to implement your changes.