Soft Token Expired Troubleshooting

During the prescription process the prescriber may receive the following error, “Soft Token Expired.” This can occur if they have changed the password in the HID Approve app process on their mobile device and have not updated Smartcare, or if they have gotten a new phone or reinstalled the app on their phone and haven’t registered the new device with SmartCare.

Four Steps to Complete
  1. Remove mobile device in SmartCare.
  2. Register mobile device in SmartCare.
  3. Enable EPCS permission. See CalMHSA support website.
  4.  Grant EPCS permission. See CalMHSA support website.


Before beginning, you may need to add the ‘Administrator’ override access to your account.  This permission gives you the ability to administrate the Rx Management System. This permission SHOULD NOT be granted to a prescriber UNLESS they need it to grant their own EPCS permission.  This permission should ONLY be granted to system administrators.  If this permission is granted to a prescriber, it should be removed immediately after they have enabled their EPCS permission.

  1. Click on the Search icon.
  2. Type “staff/users” in the search bar.
  3. Select “Staff/Users (Administrators)” from the search results.
  1. Type in name of staff.
  2. Select “Apply” to find staff.
  3. Select staff name.
  1. In Staff Details, Select “General” Tab.
  2. Go to “Access Rights” section, select “Administrator (Overrides Role Based Permissions).”
  3. Select “Save.”

Step 1 Remove Mobile Device from SmartCare

  1. Click on Search icon.
  2. Type “Medications” in the search box.
  3. Select “Medications (My Office)” from the search results.
  1. Once screen opens look for “Manage Users.”  Select “Manage User” icon.

The “User Management” screen opens which shows a list of all active employees.  You can search for the staff by using a few ways:

    1. Type Last Name, First Name of staff and Select “Search.”
    2. Use Scroll bar to scroll down through list and find staff on left side of screen.
  1. Find the staff name, and Select staff name.

You will be taken to the “User Preferences” screen where you will find their general information, license information, Surescripts registration, and EPCS Device Registration.

At the bottom right of this screen you should see a box area titled EPCS Device Registration.  It should look like below with information in the Device Name, Device Serial #, and Device Username fields.  It should also show “Authenticated” with “Yes” and green check mark. 

NOTE:  Copy “Device Username.”  Many times, this is the same as the “Soft Token User Name” which will be used to register the device in the very next process.

  1. Select radio button next to “None.”
  1. At top right of screen, Select “Save.” Wait for it to process.
  2. Select “Start Page.”
This should return you to the Start Page.
  1. Select “Refresh Shared Tables.” Wait for it to process. Your browser will refresh.
  2. Select “Manage Users.” Search for the staff member to see if their device information cleared.

Most of the time the device information will still be showing in the box.  Do the process one more time to make sure it clears.  This means selecting none, saving, and going out and back into screen.  When you go back into the “User Preferences” screen the second time the information should be cleared and appear as below. 

At this point we now want to register the mobile device with Smartcare.  This will update Smartcare with new security information from IdenTrust.  Click on the link below to take you to our support website for further instructions on registering the device with Smartcare, enabling EPCS, and then granting the final EPCS permission.

Further Steps:

  1. EPCS Registration. Click link above and go to section “STEP III: EPCS Registration.”
  2. Enabling EPCS. Using the above link, go to STEP IV: Enabling EPCS.