Configure Enhanced Epic Rover Logout

Created: Modified: Documentation

Applies to iOS and Android devices.

This feature is in controlled availability in MAM 6.4 (May 2024) and will be available to all customers in a future release.

Use the new Enhanced Rover Epic logout feature to disassociate the user from the device in the Epic server. The user will automatically be logged out of the Rover app on the device, and the user’s presence status will be updated in Epic.

Epic Rover is always logged out on the device locally during check in, even without using this feature.

IMPORTANT: Speak with your Epic contacts to find out about costs for this feature, if any.

Requirements
  • Imprivata must enable this feature for you.
  • The Epic environment (Interconnect Server) must be reachable from the Imprivata cloud and have a valid TLS certificate.
  • Minimum Epic version. The integration requires Epic November 2023 release or later.
  • App Configuration. Epic Rover and the Imprivata Locker apps distributed by your MDM must both be assigned via managed app configuration.
    • Both apps require their AppConfig keys configured with the same dynamic value, such as {DeviceUuId}. The unique value will be based on your MDM.
  • This feature utilizes the DisassoicateMobileDevice Epic API which is often included in customers existing Epic licensing. Customers are encouraged to check with their Epic representative to confirm.
Configure Epic Logout
Step 1: Configure the Epic Rover App

In your MDM, for the Epic Rover app, configure the app and set the AppConfig key EpicMobileDeviceID to a unique value such as {DeviceUuId}.

Take note of this value, you’ll use it in the next step when setting the AppConfig key/value pair for the Imprivata Locker app.

Step 2: Configure the Imprivata Locker App

In your MDM, in the Imprivata Locker App, add a new key for EpicRoverEpicMobileDeviceID and set the value to the same value you took note of in Step 1a.

This value must match the Epic Rover app’s AppConfig value for EpicMobileDeviceID.

Example: VMware Workspace ONE
  1. In the Workspace ONE UEM console, specify the user groups that will receive the Imprivata Locker app.
    1. On the distribution screen, name the assignment and in the Assignment Groups field, enter the name of the user group or smart group.
    2. Configure how to deploy the Imprivata Locker app. Select Auto.
  2. From the menu on the left, click Application Configuration.
  3. Add a new key for the AppConfig and set a Value: EpicRoverEpicMobileDeviceID and {DeviceUuId}. This value must match the Epic Rover AppConfig value for EpicMobileDeviceID.
  4. Save the change, then click Save and Publish, then Publish.
Configure Epic Logout in Mobile Access Management

IMPORTANT: Some steps in this procedure require assistance and coordination between the Imprivata Epic team and Epic, and may take some time to complete.

To configure Epic Logout:

  1. In the MAM admin console, navigate to Admin > App Logout. In the Epic Logout section, click Add Epic Environment.
  2. In the Add Epic Environment dialog, supply the settings for your Epic environment:
    1. In the Epic Environment Display Name, type a descriptive name.
    2. In the Epic Interconnect Server URL, type the URL of the Epic Interconnect Server.
    3. In the Epic Interconnect Instance, type the instance name.
    4. Click Test connection to test the connection between the MAM and Epic Interconnect servers, and then click Next. The MAM server generates a key-pair that will be used by the Imprivata Epic team to request vendor access to Epic Showroom.
  3. Click Request Imprivata Mobile Access Management Connector in Epic Showroom to request access to the Imprivata Mobile Access Management Connector from the Imprivata Epic team.
    Access to Epic Showroom is limited to your organization’s Epic administrators. The Imprivata team receives a notification of your access request, approves the request, and uploads the key file to Epic.
    After approved by Imprivata, the GroundControl server will have access to communicate securely with your Epic environment. During this time, you will see a Pending status on your request in Epic Showroom.
  4. When the request is complete, your Epic Showroom displays a status of Ready. It may take up to 12 hours to sync the key file.