============================================================================= Run Date: MAR 25, 2026 Designation: EDP*2*45 Package : EDP - EMERGENCY DEPARTMENT Priority: Mandatory Version : 2 SEQ #38 Status: Released Compliance Date: APR 25, 2026 ============================================================================= Subject: REPLACE SSOI WEB AGENT AUTHENTICATION WITH ENTRA ID INTEGRATION. Category: - Informational - Other Description: ============ This patch is for the Emergency Department Integration Software (EDIS) Java Graphic User Interface (GUI). EDP*2*45 replaces SiteMinder and enables Entra ID login for EDIS. After release, the EDIS GUI/Web Server version will be 2.2.63. Patch EDP*2*45 addresses the following defect: 1) EDIS-1314: EDIS Entra ID Migration. EHRM Impact Statement: ---------------------- -This patch should have no EHRM impact, and can be installed at all sites, including EHRM converted sites. Patch Components: ----------------- Files & Fields Associated: File Name (Number) Field Name (Number) New/Modified/Deleted ------------------ ------------------- -------------------- N/A Forms Associated: Form Name File Number New/Modified/Deleted --------- ----------- -------------------- N/A Mail Groups Associated: Mail Group Name New/Modified/Deleted --------------- -------------------- N/A Options Associated: Option Name Type New/Modified/Deleted ----------- ---- -------------------- N/A Protocols Associated: Protocol Name New/Modified/Deleted ------------- -------------------- N/A Security Keys Associated: Security Key Name ----------------- N/A Templates Associated: Template Name Type File Name (Number) New/Modified/Deleted ------------- ---- ------------------ -------------------- N/A Remote Procedures Associated: Remote Procedure Name New/Modified/Deleted --------------------- -------------------- N/A Parameter Definitions Associated: Parameter Name New/Modified/Deleted -------------- -------------------- N/A Additional Information: ----------------------- N/A New Service Requests (NSRs): N/A Patient Safety Issues (PSIs): N/A Defect Tracking System Tickets(s) & Overview: 1) EDIS-1314: EDIS Entra ID Migration. Problem: -------- Legacy authentication relied on Single Sign-On Internal (SSOi) Web Agent with Identity and Access Management (IAM) session cookies requiring an additional OAuth token exchange step before obtaining Security Assertion Markup Language (SAML) tokens for Veterans Health Information Systems and Technology Architecture (VistA) access. This added complexity, latency, and dependency on Veterans Affairs (VA) internal IAM infrastructure. The application needed to modernize authentication to support Microsoft Entra ID as the enterprise identity provider. Resolution: ----------- Implemented direct Microsoft Entra ID integration using JSON Web Token (JWT) that bypass the OAuth exchange layer. Created EntraIdSTSClient to handle JWT-to-SAML conversion, added session-based token caching to eliminate redundant Security Token Service (STS) calls, and enhanced VistAAuthenticationFilter to support multi-site authentication with cached VistA login credentials. This streamlines the authentication flow from Entra ID/JWT/SAML VistA while maintaining backward compatibility with existing Access/Verify code authentication for local development. Test Sites: ----------- VA Greater Los Angeles HCS, Los Angeles, CA Lake City VAMC, Lake City, FL SNOW Change Order #: ------------------- CHG0711364 Software and Documentation Retrieval Instructions: -------------------------------------------------- The software for this patch is being deployed by the IO Enterprise Server Support Team. Documentation describing the new functionality is included in this release. Documentation can be found on the VA Software Documentation Library at: https://www.domain.ext/vdl/. Documentation can also be obtained at https://download.vista.domain.ext/index.html/SOFTWARE. Documentation Title File Name ---------------------------------------------------------------- EDIS User Guide EDIS_2_2_UG.pdf EDIS_2_2_UG.docx EDIS Technical Manual EDIS_2_2_TM.pdf EDIS_2_2_TM.docx Patch Installation: ------------------- Pre/Post Installation Overview: Austin Information Technology Center (AITC) performs patch installation on a centralized web server. EDIS is a java-based web application build. This is a centralized server promotion. No installation is required at local sites. Pre-Installation Instructions: This patch may be installed with users on the system although it is recommended that it be installed during non-peak hours to minimize potential disruption to users. However, no installation is required at local sites. Installation Instructions: N/A Post-Installation Instructions: N/A Back-Out/Roll Back Plan: ------------------------ Backout plan is provided as part of deployment instructions provided to AITC. No actions are required of local sites in the event of back-out/roll back. Routine Information: ==================== No routines included. ============================================================================= User Information: Entered By : Date Entered : JAN 28, 2026 Completed By: Date Completed: MAR 25, 2026 Released By : Date Released : MAR 25, 2026 ============================================================================= Packman Mail Message: ===================== No routines included