Dream Factory by TruBridge Ideas Portal
Currently I have a CPSI, CPSIQ, MyCpsi, SoftQliq, and Dream Factory login all for one vendor. Some use an email for the user name some use a number, they all have to be set up separately. These should all be interconnected so If a user has a UBL set up the login information can quickly port into/merge with any other area associated with any Evident platforms. The number of logins that staff is expected to keep up with is growing daily it seems. Having one vender with so many different access points that have to be set up and kept up with is becoming monumental for facility support staff as well as users.
8/21/24 update:
The goal of our SSO work is to allow two fundamental capabilities:
For TruBridge customers to be able to use a single common user credential to access all TruBridge and related services
For TruBridge customers to be able to use an external identity provider of their choice as their TruBrudge credential. This can include ActiveDirectory, Google App Suite, or any other OAuth, SAML, or LDAP identity provider.
The solution being worked on is to have all TruBridge products authenticated using a common federated identity mechanism, specifically KeyCloak, which in turn is configured to allow each customer organization to choose their preferred user identity system and authenticate to TruBridge applications using it. For those customers who don't wish to use an external identity source, KeyCloak itself can be the identity provider. This mechanism will allow customers to use their organizational ActiveDirectory accounts, Google G-Suite accounts, or any identity provider support SAML, OAuth, or LDAP to be used for TruBridge application access.
If you have questions or comments, you can reach out to Jason Harmon (Chief Architect, Technology Strategy) at jason.harmon@trubridge.com
3
In Development
With the use of an Enterprise Browser (Island.io) we have implemented our own version of SAML authentication for Trubridge / Thrive. All users use their Google Workspace Company Email login to authenticate with the Island Browser using SAML. We assign a username/password for each user and setup a Privileged Asset Management (PAM) login for each user. When the user opens the Thrive Web Site the user can click on the Fill button and the username/password is injected and the application opens to the tracking board. Using the password manager in Island each user can manage other application passwords easily. The only issue we are having is the ability to use the Second Witness function in Thrive properly. So users need to know their login/password for that which requires 90 day password rotation. We are hoping for a total solution soon to all of these issues....please let me know if you have questions. rtruex@hgpmh.org
Any updates on this? I would LOVE single sign on for TruBridge EHR!
I can't begin to express how happy we are to hear this is coming. We have been migrating all our other systems to SSO to try and limit the number of logins.
I am hoping this change will still allow users to use the different platforms minus the EHR system. We are rolling out TruLearn as our facility wide learning management system and some users will not need EHR system access.
Saw this change to "In Development" and I'm doing a little happy dance. I recently did a survey in our facility about the major pain points for the computer use, and "too many passwords!!" was a consistent response from our users.
We are working on a SSO solution- we do not have a timeline to share at the moment. Come to the Dream Factory in the HUB at our upcoming National Client Conference. Jason Harmon will be able to show a prototype and answer questions.
Dear Trubridge,
Are you actively engaging with these comments? Could we possibly receive a more comprehensive update on the status of these ideas? We're eagerly awaiting to see the direction you take with them. Despite hearing that Dream Factory is the optimal platform for our ideas, it appears that even some of the most well-received suggestions are not gaining traction. Several highly popular concepts have been languishing on Dream Factory for over a year without significant progress being evident to your customers. This stagnation is eroding our confidence and belief that our opinions and ideas hold weight.
As the person who has to get new hires set up, it would be so much easier if there was one login. first initial last name is the standard for most company logins.
Can we please do this?? I am getting really tired of setting up everyone in everywhere and having 10 tabs open just to function every day.
I agree need to get with the century and have SAML for Azure AD, currently only vendor we have that doesn't have this ability.
Yes I agree that it would be nice if Evident would have OAuth for all their platforms, especially since they are moving everything to Azure. While they are at it, I'd really love if they would add SAML for Azure AD integration as well so we could truly get to one login for many users. We already using SAML with most of our other SaaS solutions or are in the process of implementing it.