To implement EHR Single Sign-On, you create the log in and log out code for DM360 Network Edition. You then configure your EHR to call that code; allowing providers to log in and out of DM360 Network Edition from the EHR.
While the steps for configuring this in the EHR differ depending on which EHR your providers use, the steps on the DM360 Network Edition side are the same regardless of the EHR.
Steps
n (Optional) Ensure that vSync is installed on both the Citrix client and server
n Enable EHR Single Sign-On
n Generate a Client ID
n (Optional) Map the User's EHR log in to their DM360 Network Edition log in credentials
n Write the log in/log out code
n Configure your EHR to call the log in/log out code
n For DM360 Network Edition, install the Dragon Clients with EHR Single Sign-On enabled
(Optional) Ensure that vSync is installed on the Citrix server
For DM360 Network Edition,, if your EHR is running on Citrix, EHR Single Sign-On requires that vSync be installed on the Citrix server and Citrix Support components be installed on the client machine. Visithttps://isupport.nuance.comand view "L-3431 - Using Dragon with Citrix clients and servers Administrator Guide" for more information about vSync.
Enable EHR Single Sign-On in the Nuance Management Console Complete the following steps for each site that you want to use EHR Single Sign-on:
1. Open the site in the Nuance Management Console.
2. On the ribbon, select Organization Overview.
3. In the Organizations screen, double-click a site.
4. In the Site screen, click the DM360 Network Edition tab.
5. Expand the Miscellaneous section.
6. Check the Enable SSO authentication checkbox to enable EHR Single Sign-on for the site.
7. Click Save to save your changes.
Generate a Client ID
Generate a client ID for each site that you want to use EHR Single Sign-on. For information about how to generate a Client ID, seeCreating Organization Tokens. Your log in script for DM360 Network Edition will use this ID as a parameter .
(Optional) Map the EHR User Names to the log in credentials for DM360 Network Edition
If your users' EHR usernames and user account usernames are the same, you can skip this step.
If your users' EHR usernames and user account usernames are not the same, complete the fol-lowing steps:
1. Open the user you want to configure.
2. Go to User Account Details > Credentials > Token:
Go to User Account Details > Credentials > Token:
3. Click Add. The New Credential dialog box appears:
4. Enter the user's EHR user name in the Login field.
5. Click OK to save your changes.
Write commands for logging in and out of DM360 Network Edition You use command line parameters to log in and out of DM360 Network Edition using EHR Sin-gle Sign-on. You can integrate these commands with your EHR in a number of ways including:
n using a third party product
n using functionality that is built in to your EHR
n using an external scripting language.
Logging into the local machine
<Path to the product executable>\<product exe file>/SSOUser <Username>
<Client ID>
where:
n <Path to the product executable> is the path to the directory that contains the product exe file.
n <product exe file> is the name of the exe file that launches the product.
l For DM360 Network Edition, the exe file is called natspeak.exe.
n <Username> is an EHR username.
n <Client ID> is the ID that you created. See Creating Organization Tokens.
For example:
C:\Program Files\Nuance\NaturallySpeaking12\Program\natspeak.exe /SSOUser jdoe eacd17e4-f0fb-4a2b-9b20-03a80231e9a0
Logging out of the local machine
If you are going to run the log out command on the same machine where DM360 Network Edi-tion are installed, use the following syntax to log out the currently loaded user:
<Path to the product executable>\<product exe file>/SSOUser <Username>
<Client ID>
where:
n <Path to the product executable> is the path to the directory that contains the product exe file.
n <product exe file> is the name of the exe file that launches the product.
l For DM360 Network Edition, the exe file is called natspeak.exe.
n <Username> is an EHR username.
n <Client ID> is the ID that you created. SeeCreating Organization Tokens.
For example:
C:\Program Files\Nuance\NaturallySpeaking12\Program\natspeak.exe /Lo-gout
Logging in when running DM360 Network Edition on a Citrix server
Use the following command to log users into DM360 Network Edition:
<Path to the product SSO executable>\<product SSO exe file>/SSOUser <User-name> <Customer Token>
where:
n <Path to the product SSO executable> is the path to the directory that contains the product SSO exe file.
n <product SSO exe file> is the name of the SSO exe file for the product.
l For DM360 Network Edition, the exe file is called natspeakSSO.exe.
n <Username> is an EHR username.
n <Customer Token> is the organization token that you created. For details, seeCreating Organization Tokens.
C:\Program Files\Nuance\EHR Synchronizer\Program\natspeakSSO.exe /SSOUser jdoe eacd17e4-f0fb-4a2b-9b20-03a80231e9a0
Logging out when running DM360 Network Edition on a Citrix server
Use the following command to log out the currently loaded user:
<Path to the product SSO executable>\product SSO exe file> /Logout
where:
n <Path to the product SSO executable> is the path to the directory that contains the product SSO exe file.
n <product SSO exe file> is the name of the SSO exe file for the product.
l For DM360 Network Edition, the exe file is called natspeakSSO.exe.
For example:
C:\Program Files\Nuance\EHR Synchronizer\Program\natspeakSSO.exe /Lo-gout
Configure your EHR to call the log in/log out code
Follow the instructions provided in your EHR documentation to configure the EHR to call the log in and log out code that you created in the Write Dragon log in/log out commands topic in the Nuance Management Console Help..
Install the client software with EHR SSO Enabled
Use the MSI installer to install the DM360 Network Edition client software - with EHR Single Sign-On enabled Set the MSI command line option to enable EHR Single Sign-On by passing in NAS_SINGLE_SIGN_ON=1. See the Nuance Management Console Help for more information about the MSI installer and MSI command line options.
Notes:
Be sure that EHR Single-Sign On is enabled or disabled in both the Nuance Management Console and the client software for DM360 Network Edition. If these settings are out of synch—for example, EHR Single Sign-On is enabled in the Nuance Management Console but not on the clients—unpredictable log in behavior results.
When installing an upgrade for DM360 NE on a client machine, you can enter values in the com-mand line for the Active Directory and EHR single sign-on settings. However, be aware that your values will overwrite any the user already entered for these settings.