Disabling Initialization Vectors for URL Integrations - Signature Deficiencies for Epic - Foundation 23.1 - Foundation 23.1 - Ready - OnBase - external

Signature Deficiencies for Epic

Platform
OnBase
Product
Signature Deficiencies for Epic
Release
Foundation 23.1
License

An initialization vector adds a layer of cryptographic security to encrypted information sent in URL query strings. Possible applications include (but are not limited to) DocPop, the OnBase Patient Window, and the OnBase Web Viewer. An Epic External System Setting is not required to be configured to enable initialization vectors as initialization vectors are enabled by default. However, initialization vectors can be disabled by using the Epic Encryption Initialization Vector Required Epic External System Setting.

CAUTION: It is highly recommended that initialization vectors remain enabled if you have any OnBase applications that will receive Epic authentication information through a URL query string.

To disable initialization vectors for URL integrations:

  1. In the OnBase Configuration module, select Utils | External Systems. The External System Configuration dialog box is displayed.
  2. Select Epic and click Values. The External System Parameter Configuration dialog box is displayed.
  3. In the Key field, type the following: Epic Encryption Initialization Vector Required
    Note:

    Key names are case sensitive. Type the name exactly as displayed.

  4. In the Value field, type the following: false
    OnBase applications will now accept encrypted information with or without an initialization vector.
    CAUTION: It is highly recommended that initialization vectors remain enabled if you have any OnBase applications that will receive Epic authentication information through a URL query string.
  5. Click Add.
  6. Click Save.
    Note:

    If you click Save without first clicking Add, the specified Key and Value are automatically added.