Authentication Type Options

There are two options to authenticate your EHR software or other application to the assigned phiMail server to send and receive Direct messages and status notifications as part of EMR Direct's Direct Messaging service. Implementers may choose a single option or a combination of the following options:

1) Send the username and strong password over the encrypted connection to the phiMail server by including a password in the AUTH command. This username may be a Direct Address or a Direct Address Group username. This method may not be used on its own for EHR-level authentication. This method is typically used for Organization-level authentication.

2) Present a client certificate to the server during the TLS handshake. The client certificate-based authentication method is required for EHR-level authentication and is optional for the other authentication types; it may be used on its own or with an optional password.

Please refer to the phiMail API documentation for more details on authentication and Address Groups.


Did this article answer your question? If not, please contact us.