Authentication and your scopes
The edi-app shares the rcm-app's authentication system. You log in once; your account carries scopes that determine which pages you see and which buttons are enabled.
Sign in
Your tenant's edi-app lives at <your-org>.edi.medsuite.com (or
co-hosted at the rcm-app subdomain — your tenant admin will tell you).
You sign in with the credentials your tenant admin issued; MFA is
required as on the rcm-app side.
If you forgot your password, click Forgot password; reset link
expires in 1 hour.
Scopes you might hold
| Scope | What it lets you do |
|---|---|
edi.dashboard.read | Open /dashboard and read every panel. |
edi.transaction.read | View /transactions list and detail. |
edi.batch.read | View /batches. |
edi.partner.read | View /trading-partners list and detail. |
edi.partner.write | Edit partners — connection, capabilities, companion guide bindings. |
edi.partner.credentials.write | Set / rotate credentials in the vault. |
edi.companion-guide.read | View /companion-guides. |
edi.companion-guide.write | Author rules; clone versions. |
edi.companion-guide.activate | Activate / reactivate guide versions. |
edi.routing.read | View routing rules and run the simulator. |
edi.routing.write | Add / edit / delete routing rules. |
edi.eligibility.run | Originate 270s. |
edi.auth.run | Originate 278s. |
edi.status.run | Originate 276s. |
edi.replay | Trigger replays. |
Most operators hold a role that grants several scopes at once. Common roles:
| Role | Scopes |
|---|---|
EDI_VIEWER | All *.read. No writes. |
EDI_OPERATOR | All *.read, edi.replay, eligibility/auth/status *.run. No partner / companion / routing writes. |
EDI_ANALYST | EDI_OPERATOR + companion guide writes + routing writes. |
EDI_ADMIN | All edi.* scopes. Includes credential rotation. |
Confirming what you have
Profile menu → My roles. The dialog shows your active roles and the scopes each grants. Useful when a button is unexpectedly greyed — check here before asking your tenant admin.
Asking for more scopes
When you need a write you do not have, the rcm-app's tenant admin grants it through their role-management interface (covered in the Tenant Manual). The recommended cadence:
- Routine work: hold
EDI_OPERATOR. Never enough rope to break things; covers triage, replay, monitoring. - Ramp-up to author guides / routing: ask for
EDI_ANALYSTafter a couple of weeks of routine work. - Credentials and partner full-access:
EDI_ADMIN, sparingly.
What you can do without scopes
Two surfaces work for everyone:
- Dashboard panels you have scope for — others are hidden, not greyed.
- Reading the manual — this manual.
Audit
Every action you take in edi-app is audited. The Audit access item
in your profile menu shows the last 7 days of your own actions. Your
tenant admin's audit log shows everyone's activity, with the same
detail you see here.
PHI does not flow through edi-app the same way it does in rcm-app — the EDI envelope carries member identifiers, not full clinical PHI — but the same audit hygiene applies. Treat segment traces with the same care you would a member detail page.
Common Day-1 mistakes (avoid them)
| Mistake | Better way |
|---|---|
Asking for EDI_ADMIN on day 1 | Most work fits EDI_VIEWER for the first few days; ramp up. |
| Sharing credentials with a colleague who needs scope | Each user gets their own; sharing breaks the audit trail. |
| Bypassing the routing rules with a direct admin endpoint | Rules exist to make routing deterministic; using a back door defeats the simulator. |
| Editing a companion guide without using clone-and-activate | The active guide is shared infrastructure; never edit it in place. |
Where to go next
You are oriented. Pick the workflow you need:
| Doing | Start at |
|---|---|
| Onboarding a new partner | 2.1 — Onboard a new trading partner |
| Authoring a companion guide | 7.1 — The companion guide editor |
| Triaging morning traffic | 8.1 — Daily monitoring |
| Reading a 277CA / 835 / 271 | 9.2 — Segment cheat-sheet |
| Submitting a 278 | 5.1 — 278 request |
| Posting an 835 | 6.1 — 835 inbound |
End of Getting Started.