Back to Top Skip to main content the official website of the Military Health System (MHS) and the Defense Health Agency (DHA)

Utility Navigation Links

TRICARE Systems Manual 7950.4-M, April 2021
General Automated Data Processing (ADP) Requirements
Chapter 1
Section 1.2
Beneficiary Authentication Requirements
1.0  The contractor shall use the DMDC Authentication service to perform authentication for beneficiary web access to contractor portals or web sites that access beneficiary-specific TRICARE data. The DMDC Authentication service supports the DoD approved enterprise self-service credential called the DoD Self-Service Logon (DS Logon) account.
1.1  Available credentialing options may be modified due to security enhancements, and will be made known when available.
1.2  The contractor may use authentication methods that meet National Institute of Standards and Technology (NIST) Level 2 requirements (NIST Special Publication (SP) 800-63) for beneficiaries that are not eligible to receive DS Logon accounts.
2.0  Access to beneficiary specific TRICARE data requires authentication with the approved DoD credential, or their equivalent. DMDC issues the DS Logon credential; DMDC retains responsibility for maintaining this credential.
•  An authentication service will be provided by DMDC for the DS Logon credential.
•  The contractor shall use the DMDC Authentication service at the registration point for beneficiary access to the contractor portal or web site for all beneficiaries eligible to obtain a DS Logon.
•  The contractor shall use the authentication service to validate authentication of a beneficiary every time a contractor portal or web site is accessed.
3.0  Upon presentation of the DS Logon credential, the DMDC Authentication service will provide the following data to the contractor upon successful authentication:
•  Method of Authentication (e.g., DS Logon).
•  Status of the account.
•  Identity information of the authenticated beneficiary (e.g., DoD Electronic Data Information Patient (EDI) PIN).
•  Affiliation information of the authenticated beneficiary to the DoD.
•  Family member association including DoD EDI PIN of the sponsor.
4.0  The contractor may use the information returned with a successful authentication to enforce any application specific business rules. For example, the contractor may exclude access by a parent to a family member’s Explanation Of Benefits (EOB) information if the family member is over the age of 18.
5.0  The contractor shall rely on their own authentication methodology to authenticate users accessing beneficiary-specific TRICARE data via a contractor portal or website for those beneficiaries ineligible for a DS Logon.
- END -

Utility Navigation Links

DoD Seal is the official website of the Defense Health Agency (DHA) a component of the Military Health System

TRICARE is a registered trademark of the Department of Defense (DoD), DHA. All rights reserved.

CPT only © 2006 American Medical Association (or such other date of publication of CPT). All Rights Reserved.

If you have a question regarding TRICARE benefits, please go to the TRICARE Contact Us page page.
If you need help with technical/operational issues, please go to the TRICARE Manuals Online Help page.

The appearance of hyperlinks to external websites does not constitute endorsement by the DHA of these websites or the information, products or services contained therein. For other than authorized government activities, the DHA does not exercise any editorial control over the information you may find at other locations. Such links are provided consistent with the stated purpose of this DoD website.


DHA Address: 7700 Arlington Boulevard | Suite 5101 | Falls Church, VA | 22042-5101

Some documents are presented in Portable Document Format (PDF). A PDF reader is required for viewing. Download a PDF Reader or learn more about PDFs.