Manage Your EPCS Account, Tokens, and Password

After registering for electronic prescribing for controlled substances (EPCS), you can manage your EPCS account and authentication tokens in the Exostar Token Management tool. You can also reset your EPCS password with help from an eRx Administrator.

Contents

1 Open Exostar Token Management
2 Authenticate to Unlock Other Actions
3 Add a New or Replacement Token
- 3.1 Add a Soft Token to Your EPCS Account
- 3.2 Add a Hard Token to Your EPCS Account
4 Remove a Token
5 Resync a Token
6 Manage the Backup Phone Number for Your EPCS Account
7 Reset Your EPCS Password
- 7.1 eRx Administrator Steps
- 7.2 Prescriber Steps
8 Never Revoke Your EPCS Account

Open Exostar Token Management

Use the Exostar Token Management tool to add a new token to your EPCS account, remove or resync an existing token, or manage your backup phone number.

Open the Rx Queue

Click on the Rx Queue tab in PCC EHR to open PCC eRx.

Go to My Settings

Click on the “My Settings” link in the top navigation bar to open your personal PCC eRx settings.

Open Exostar Token Management

Click on the “Exostar Token Management” button to open the tool.

Read on to learn which actions you can take within Exostar Token Management.

Authenticate to Unlock Other Actions

Before you can take most actions in Exostar Token Management, you must validate your identity by entering a one-time code from your hard token, soft token, or backup phone number – whichever method you have available.

Authenticate with Your Hard Token

To authenticate using your hard token, scroll to the Manage Token section of Exostar Token Management and click the “Authenticate” button. Then, enter a one-time password from your token into PCC eRx and click “Authenticate”.

Authenticate with Your Soft Token

To authenticate using your soft token, scroll to the Manage Mobile Credential section of Exostar Token Management and click the “Authenticate” button. Then, approve the request from the Authy app on your phone or enter a one-time password from your soft token into PCC eRx and click “Authenticate”.

Authenticate with Your Backup Phone Number

To authenticate using your backup phone number, scroll to the Manage Phones section of Exostar Token Management and click the “Authenticate” button. You will receive a call or a text from Exostar with a one-time password. Enter the one-time password into PCC eRx and click “Authenticate”.

After authenticating, you can take other actions in Exostar Token Management.

Add a New or Replacement Token

You can use the Exostar Token Management tool to add a new or replacement token to your EPCS account. This is useful when you need to replace a lost or broken hard token, set up a soft token using a new cell phone number, or configure a soft token for the first time after having skipped that step in the EPCS registration process.

Order New Hard Tokens from PCC: If your practice needs to order new hard tokens, contact PCC Support. PCC orders hard tokens from Exostar at no cost to you. Once ordered, Exostar ships hard tokens directly to your practice, generally in less than two weeks.

Add a Soft Token to Your EPCS Account

Set up your smartphone as a factor of authentication for EPCS.

Grab Your Hard Token and Your Smartphone

Get your EPCS hard token and smartphone in hand.

You will need to enter a one-time password from your hard token to unlock the rest of the actions in Exostar Token Management.

You will need your smartphone in order to set it up as a soft token.

Open Exostar Token Management

Click the “Exostar Token Management” button on the My Settings page in PCC eRx.

Exostar Token Management opens in a new window over PCC eRx.

Scroll to the Manage Token Section

Go to the Manage Token section within Exostar Token Management.

You will use the “Authenticate” button in this section and your EPCS hard token to validate your identity and unlock the other actions in Exostar Token Management.

Authenticate to Unlock Other Actions

Click the “Authenticate” button in the Manage Token section of Exostar Token Management.

The “Authenticate” button prompts you to validate your identity by entering a one-time password from your hard token. Grab your hard token, press the button to generate a one-time password, then type it into the token management window.

After you successfully authenticate, you can access the other actions in Exostar Token Management, including the option to add a new soft token.

No Hard Token? Authenticate Using Your Backup Phone Number: If you don’t have a hard token configured for EPCS, you can unlock the rest of the actions in Exostar Token Management using one of the backup phone numbers for your account. Scroll to the Manage Phones section to view those numbers and authenticate using one of them.

In Manage Mobile Credential, Click “Add Credential”

Scroll to the Manage Mobile Credential section of the page and click the “Add Credential” button to add a new soft token to your account.

Enter Your Cell Phone Number and Confirm Your Email

Set the country where your cell phone number was issued, type in your phone number, and confirm that the correct email address is listed.

You do not need to use any punctuation when typing in your phone number.

Click “Register Phone”

Click the “Register Phone” button to save your contact information and initiate the part of the process that takes place on your smartphone.

A blue loading bar labeled “Registration in progress…” will display in PCC eRx until you have finished the steps on your smartphone.

Tap the Authy Notification on Your Smartphone

Pick up your smartphone and tap the push notification from Authy to open the app.

No Notification? Open the App Manually: If you have the Authy app installed but do not receive a push notification, open Authy manually instead by tapping the app icon on your home screen.

Don’t Have the Authy App? Download it Now: If you do not have the Authy app installed on your smartphone, you will receive a text message with a download link instead of a push notification. Open the text message, click on the link, and install the Authy app before moving on to the next step.

Tap the Notification Icon in the Authy App

Tap the notification bell icon in the Authy app.

The red counter on the notification bell indicates that you have a new request to add a token.

No Notification? Finish Set Up Manually: If the notification bell in the Authy app does not display a red counter but you can see the PCC eRx soft token on your screen, click the ‘X’ beside the blue loading bar in PCC eRx, then enter a one-time password from your soft token into the “Soft OTP” field to finish registering your smartphone as your soft token for EPCS.

Approve the Pending Request

Tap the pending request from PCC eRx to approve it. Then, tap the green “Approve” button to confirm.

Once you approve the pending request, your smartphone becomes registered as a soft token for EPCS in PCC eRx.

Request Timeout: If the pending request from PCC eRx times out before you have a chance to approve it, tap “Exit” in the top left corner of your phone screen, click the ‘X’ beside the blue loading bar in PCC eRx, then enter a one-time password from your soft token into the “Soft OTP” field in PCC eRx.

Click “Cancel” to Save and Close Exostar Token Management

When you have finished adding the soft token to your account, click the “Cancel” button at the bottom of the window to save your work and exit Exostar Token Management.

Once registered, your soft token is bound to your identity, phone number, and device. Only you may use it as a second factor of authentication when sending electronic prescriptions for controlled substances from PCC eRx.

Add a Hard Token to Your EPCS Account

Add a hard token as a factor of authentication for EPCS.

Grab Your Hard Token and Your Smartphone

Get your EPCS hard token and smartphone in hand.

You will need to enter a one-time password from the soft token on your smartphone to unlock the rest of the actions in Exostar Token Management.

You will need your hard token in order to register it as an authentication method for EPCS.

No Soft Token? Authenticate Using Your Backup Phone Number: If you don’t have a soft token configured on your smartphone, you can unlock the rest of the actions in Exostar Token Management using one of the backup phone numbers for your account. You can see those numbers in the Manage Phones section of Exostar Token Management.

Open Exostar Token Management

Click the “Exostar Token Management” button on the My Settings page in PCC eRx.

Exostar Token Management opens in a new window over PCC eRx.

Scroll to the Manage Mobile Credential Section

Go to the Manage Mobile Credential section within Exostar Token Management.

You will use the “Authenticate” button in this section and the soft token on your smartphone to validate your identity and unlock the other actions in Exostar Token Management.

Authenticate to Unlock Other Actions

Click the “Authenticate” button in the Manage Mobile Credential section of Exostar Token Management.

The “Authenticate” button prompts you to validate your identity by approving a request in the Authy app or entering a one-time password from your soft token. Grab your smartphone and approve the Authy request, or open your soft token and type it into the “Soft OTP” field in the token management window.

After you successfully authenticate, you can access the other actions in Exostar Token Management, including the option to add a new hard token.

No Soft Token? Authenticate Using Your Backup Phone Number: If you don’t have a soft token configured on your smartphone, you can unlock the rest of the actions in Exostar Token Management using one of the backup phone numbers for your account. Scroll to the Manage Phones section to view those numbers and authenticate using one of them.

In Manage Token, Click “Add Token”

In the Manage Token section of Exostar Token Management, click the “Add Token” button to add a new hard token to your account.

Enter Your Hard Token’s Serial Number

Enter the serial number from the back of your hard token into PCC eRx.

Enter Two One-Time Passwords from Your Hard Token

Press the button on your hard token to generate a one-time password, then enter it into the field labeled “One-Time Password 1”.

Press the button a second time to generate another password, then enter it into the field labeled “One-Time Password 2”.

Both fields are required to resync your token.

Click “Submit”

Click the “Submit” button to finish registering your hard token.

Click “Cancel” to Save and Close Exostar Token Management

When you have finished adding the hard token to your account, click the “Cancel” button at the bottom of the window to save your work and exit Exostar Token Management.

Once registered, your hard token is bound to your identity. Only you may use it to validate your identity when sending electronic prescriptions for controlled substances from PCC eRx.

Remove a Token

If you lose access to one of your tokens, deactivate and remove it from your EPCS account so that you can add back a replacement.

Open Exostar Token Management

Click the “Exostar Token Management” button on the My Settings page in PCC eRx.

Exostar Token Management opens in a new window over PCC eRx.

Authenticate to Unlock Other Actions

Using your hard token, your soft token, or your backup phone number, whichever method you have available, authenticate your identity and unlock the other actions in Exostar Token Management.

To authenticate using your hard token, scroll to the Manage Token section and click the “Authenticate” button. Then, enter a one-time password from your token into PCC eRx and click “Authenticate”.

To authenticate using your soft token, scroll to the Manage Mobile Credential section and click the “Authenticate” button. Then, approve the request from the Authy app on your phone or enter a one-time password from your soft token into PCC eRx and click “Authenticate”.

To authenticate using your backup phone number, scroll to the Manage Phones section and click the “Authenticate” button. You will receive a call or a text from Exostar with a one-time password. Enter the one-time password into PCC eRx and click “Authenticate”.

After authenticating, you can take other actions in Exostar Token Management.

Deactivate Your Token

To deactivate your hard token, click “Deactivate Token” in the Manage Token section.

To deactivate your soft token, click “Deactivate” in the Manage Mobile Credential section.

Record the Reason

Document your reason for deactivating your token, then click the “Deactivate” button to complete the process.

Click “Cancel” to Save and Close Exostar Token Management

When you have finished removing the token from your account, click the “Cancel” button at the bottom of the window to save your work and exit Exostar Token Management.

After you deactivate a token, you can add back a replacement for it.

Resync a Token

When PCC eRx stops accepting one-time passwords from your hard token, you can try resyncing it to restore your ability to use it as a factor of authentication for EPCS.

Grab Your Hard Token

Get your hard token in hand. You will need it to complete the resync.

Open Exostar Token Management

Click the “Exostar Token Management” button on the My Settings page in PCC eRx.

Exostar Token Management opens in a new window over PCC eRx.

In Manage Token, Click “Resync Token”

Scroll to the Manage Token section and click the “Resync Token” button.

Enter Two One-Time Passwords from Your Hard Token

Press the button on your hard token to generate a one-time password, then enter it into the field labeled “One-Time Password 1”.

Press the button a second time to generate another password, then enter it into the field labeled “One-Time Password 2”.

Both fields are required to resync your token.

Click “Resync Token”

Click the “Resync Token” button after entering both passwords.

If you receive an error message, try again, double-checking to make sure that you are entering the passwords correctly.

Click “Cancel” to Save and Close Exostar Token Management

When you have finished resyncing your token, click the “Cancel” button at the bottom of the window to save your work and exit Exostar Token Management.

After resyncing, try sending an electronic prescription for a controlled substance to see if it has been restored. If resyncing does not restore use of your hard token, contact PCC Support.

Manage the Backup Phone Number for Your EPCS Account

You can set up a phone number as a backup authentication method for your EPCS account in case you lose access to both your hard and soft tokens. While you cannot use the backup phone number to send prescriptions for controlled substances, you can use it to authenticate in Exostar Token Management so that you can add new tokens back to your account and resume prescribing.

PCC recommends setting up at least one phone number when you register for EPCS, but you can update your backup phone number settings at any time in Exostar Token Management.

Add a Backup Phone Number

You can add one or several phone numbers as backup authentication methods for your EPCS account. You can use these phone numbers to authenticate and unlock the other actions in Exostar Token Management, which is especially useful if you lose access to both of your EPCS tokens and want to set up new ones without having to go through the Exostar identity proofing process a second time.

Open Exostar Token Management

Click the “Exostar Token Management” button on the My Settings page in PCC eRx.

Exostar Token Management opens in a new window over PCC eRx.

Authenticate to Unlock Other Actions

Using your hard token, your soft token, or your backup phone number, whichever method you have available, authenticate your identity and unlock the other actions in Exostar Token Management.

To authenticate using a backup phone number already connected to your account, scroll to the Manage Phones section and click the “Authenticate” button. You will receive a call or a text from Exostar with a one-time password. Enter the one-time password into PCC eRx and click “Authenticate”.

After authenticating, you can take other actions in Exostar Token Management.

In Manage Phones, Click “Add Phone”

In the Manage Phones section, click the “Add Phone” button to add a new number to your account as a backup authentication method.

Choose a Delivery Method

Choose how you want to receive messages from Exostar at this number.

Depending on your selection, Exostar will either text or call you with an authentication code when you use your backup phone number to unlock your account.

Enter Your Cell Phone Number

Set the country where your cell phone number was issued and type in your phone number twice to confirm it.

You do not need to use any punctuation when typing in your phone number.

Click “Send Code”

Click the “Send Code” button to prompt Exostar to send you an authentication code.

If you entered your phone number correctly, you will receive a phone call or text from Exostar with your authentication code.

Resend Code: If you do not receive a code, check that you entered your phone number correctly. If your number is correct, click “Resend Code” and wait to receive a different code. If you do not receive a code after a second attempt, contact PCC Support for assistance.

Enter the Code into PCC eRx

Answer the call or open the text from Exostar, then type your authentication code into the “One-Time Password Code” field in PCC eRx.

Click “Submit”

Submit the code to finish adding your phone number as a backup authentication method for your EPCS account.

Click “Cancel” to Save and Close Exostar Token Management

When you have finished adding your phone number as a backup authentication method, click the “Cancel” button at the bottom of the window to save your work and exit Exostar Token Management.

Delete a Backup Phone Number

You can remove old backup phone numbers from your EPCS account.

Open Exostar Token Management

Click the “Exostar Token Management” button on the My Settings page in PCC eRx.

Exostar Token Management opens in a new window over PCC eRx.

Authenticate to Unlock Other Actions

Using your hard token, your soft token, or your backup phone number, whichever method you have available, authenticate your identity and unlock the other actions in Exostar Token Management.

After authenticating, you can take other actions in Exostar Token Management.

Find the Phone Number to Delete

Scroll to the Manage Phones section of the screen and find the phone number you wish to delete from your account.

Click “Delete Phone”

Click the “Delete Phone” button next to the phone number you wish to delete.

This removes the phone number as a backup authentication method for your EPCS account.

If you deleted the only backup phone number that was listed, add a new one right away to ensure that you will be able to unlock your account settings in Exostar Token Management even if you lose access to both of your EPCS tokens.

Click “Cancel” to Save and Close Exostar Token Management

When you have finished deleting the backup phone number from your account, click the “Cancel” button at the bottom of the window to save your work and exit Exostar Token Management.

Change Your Delivery Method

When you set up a phone number as a backup authentication method to unlock Exostar Token Management, you can choose whether you want to receive your one-time passwords by text or phone call. You can change that delivery method preference later in the Manage Phones section of Exostar Token Management.

Open Exostar Token Management

Click the “Exostar Token Management” button on the My Settings page in PCC eRx.

Exostar Token Management opens in a new window over PCC eRx.

Authenticate to Unlock Other Actions

Using your hard token, your soft token, or your backup phone number, whichever method you have available, authenticate your identity and unlock the other actions in Exostar Token Management.

After authenticating, you can take other actions in Exostar Token Management.

Find the Phone Number to Update

Scroll to the Manage Phones section of the screen and find the phone number to update with a different delivery method.

In the Delivery Method Column, Click the “Change” Link

Click the blue “Change” link in the Delivery Method column beside the phone number whose settings you want to update.

The delivery method toggles to the option that was not previously selected.

Click “Cancel” to Save and Close Exostar Token Management

When you have finished changing your delivery method, click the “Cancel” button at the bottom of the window to save your work and exit Exostar Token Management.

Reset Your EPCS Password

If you lost or forgot your EPCS password, ask an eRx Administrator at your practice to help you reset it.

eRx Administrator Steps

First, an eRx Administrator resets the prescriber’s password.

Open PCC eRx Administration

On the Rx Queue tab in PCC EHR, click “Administration”.

Open EPCS Setup

Click on the “EPCS Setup” link.

Find the Prescriber

Search for the prescriber by last name.

Edit the Prescriber

Click the “Edit” link on the prescriber’s account.

Reset the Prescriber’s Password

Click the “Reset EPCS Password” button.

The screen updates with a message showing that the prescriber can reset their password.

Prescriber Steps

Next, the prescriber chooses a new password.

Open My Settings in PCC eRx

On the Rx Queue in PCC EHR, click “My Settings”.

Create a New EPCS Password

Click the “Reset EPCS Password” button, then create a new password that meets all of the criteria.

Click the “Submit” button to save the new password.

Close the Window

Once you have successfully reset your password, click “Cancel” to close the window and exit the workflow.

Never Revoke Your EPCS Account

Never Revoke Your Account: Never click the “Revoke Account” button in Exostar Token Management. If you believe you might need to take that action, contact PCC Support first.

Here are some related articles in Clinical Tasks > Prescribe Medications:

Install and Set Up the Authy App
The Authy app turns your smartphone into a secure password generator for taking certain actions on your PCC system. Secure Authy passwords are used in conjunction with your regular PCC password to provide an extra layer of security for your account. This article covers how to install and set up the Authy app on your smartphone and tailor notifications to your preference.
Register for EPCS
After a brief registration process, you can send electronic prescriptions for controlled substances (EPCS) from PCC eRx.
Prescribe Controlled Substances
Only registered users can send electronic prescriptions for controlled substances (EPCS), but anyone with permission to create prescriptions can prepare and edit them.
Allergies
PCC EHR tracks allergies in each patient’s chart. When the chart is up-to-date, PCC EHR can automatically warn you about drug allergies as you prescribe, create lists of patients based on allergies, and display custom alerts to users whenever they work with a patient’s chart.
PCC eRx – Set Up Staff and Clinicians
Watch this quick guide to learn how to set up staff and clinicians in your office to use the e-prescribing features in PCC EHR.
Set Up PCC eRx User Access
Before a clinician or staff member can prescribe medications or modify a patient's medication information, they must have PCC eRx enabled on their user account in PCC EHR. Follow the procedure in this article below to enable PCC eRx for providers or any staff at your practice.
Prescribe Medications
Learn the basics of how to create and send prescriptions from your PCC system.
The Rx Queue: Alternate Prescribing Workflows
Use the Rx Queue in PCC EHR to work with alternate prescription workflows. You can quickly respond to renewal requests, sign agent prescriptions, and finalize pending prescriptions.
Review and Update Medication History
At every visit, you ask patients what medications they are on. In PCC EHR, you can quickly review and update the chart record of a patient's medications. Special medication history features and tools make prescribing faster.
PCC eRx – EPCS Enrollment
Watch this video to learn how to turn on EPCS access, register a prescriber, and how to register tokens.
PCC eRx Component Reference
Special tips and features of each component in the PCC eRx section of a patient's chart.
Create Custom Medications and Sentences in PCC eRx
Your practice can create custom medication entries to make it easier to find and prescribe non-standard prescriptions or instructions, such as the "magic mouthwash" compound, a particular piece of medical equipment or supply, or your practice's preferred albuterol inhaler dosing.
Optimize PCC eRx Searches with Shortcuts and Hiding
You can save time when you search for a drug in PCC eRx by creating search short cuts, hiding unused drugs and dosing statements, and following some best practices when you search.
Customize PCC eRx Alerts and Warnings
Contents1 Safety Alerts1.1 Turn Off a Safety Alert1.2 Restrict a Safety Alert to Certain Roles1.3 Edit the Severity Level for an Alert2 Custom Medication Warnings2.1 Create a New Warning Message2.2 View Your Warning Message PCC eRx is set up to be very conservative by default. As you prescribe, PCC eRx will alert you to any […]
Optimize Drug Search in PCC eRx
Learn how to use custom search terms and orderable exclusions to streamline your prescribing process in PCC eRx.
PCC eRx Beyond the Basics
Learn answers to FAQs, configuration and customization options, and helpful tips for using PCC eRx, the prescription module inside PCC EHR.
PCC eRx Prescription Favorites
Contents1 Prescribe with Favorites1.1 Add a New Favorite as You Prescribe2 Manage Your Favorites from My Settings2.1 Turn Automatic Favorites Off or On2.2 Choose How Favorites Appear in the Prescribe Component2.3 Add Favorites Manually from My Settings2.4 Working with Weight-Based Favorites2.5 Edit or Delete an Existing Favorite2.6 Pin, Unpin, and Exclude3 Administrator Only: Share Favorites […]
Prescribe Medications
Learn the basics of how to prescribe in PCC eRx, including how to handle common prescribing scenarios. Plus, get an overview of PCC eRx's many prescribing features designed with pediatrics, prescribers, and safety in mind.
Work with Pharmacies
Find and select a pharmacy while you prescribe, see where prescriptions were sent and dispensed, and manage patient pharmacies.
Check Prescription Pricing and Insurance Coverage While You Prescribe
When you prepare a prescription, you can see how much it will cost out-of-pocket, whether it requires prior authorization, and if there are more cost-effective alternatives.
Check Prescription Pricing and Insurance Coverage While You Prescribe
When you prepare a prescription, you can see exactly how much it will cost your patient at the pharmacy and how it's covered by their prescription insurance.
Resend a Prescription
If a pharmacy is unable to fill your patient’s prescription, use the “Resend” button to reroute the prescription to a different pharmacy. You can also use the “Resend” button to fix mistakes on a prescription and resend it to the original pharmacy. Retracing Your Steps There are several places you can see all versions of […]
Resend a Prescription
Resend a prescription to a different pharmacy, or the same pharmacy with different details.
PCC eRx My Settings Reference
Use the My Settings page to tailor PCC eRx to your personal preferences and workflows.

Open Exostar Token Management

Authenticate to Unlock Other Actions

Authenticate with Your Hard Token

Authenticate with Your Soft Token

Authenticate with Your Backup Phone Number

Add a New or Replacement Token

Add a Soft Token to Your EPCS Account

Add a Hard Token to Your EPCS Account

Remove a Token

Resync a Token

Manage the Backup Phone Number for Your EPCS Account

Add a Backup Phone Number

Delete a Backup Phone Number

Change Your Delivery Method

Reset Your EPCS Password

eRx Administrator Steps

Prescriber Steps

Never Revoke Your EPCS Account

Related Articles