authorization api not giving access token for resource type ‘DiagnosticReport.read’ in production

nadi...@gmail.com

unread,

Sep 24, 2018, 2:21:52 PM9/24/18

to Cerner FHIR Developers

I am trying to access diagnostic report api in prod.

URL-https://fhir-myrecord.cerner.com/dstu2/{my tenant id}/DiagnosticReport?patient={patientId}

I am trying to get access token using auth api-

https://authorization.cerner.com/tenants/{my tenant id}/protocols/oauth2/profiles/smart-v1/token?......scope=system/Patient.read%20system/Patient.write%20system/Contract.read%20system/Contract.write%20system/RelatedPerson.read%20system/RelatedPerson.write%20system/Appointment.read%20system/DiagnosticReport.read

In response- I am not getting access token for resource type ‘DiagnosticReport.read’

APi response below has everything i requested but missing resource type ‘DiagnosticReport.read’

{

"access_token": "<token>",

"scope": "system/Patient.read system/Patient.write system/Contract.read system/RelatedPerson.read system/RelatedPerson.write",

"token_type": "Bearer",

"expires_in": 570

}

It works fine in sandbox.

any help will be highly appreciated.

Regards,

Nadim Zafar

Adventist health system

Jenni Syed (Cerner)

unread,

Sep 25, 2018, 9:07:14 AM9/25/18

to Cerner FHIR Developers

Hi Nadim,

Can you provide a correlation id or x-request-id of one of your requests (returned in headers for all calls to the auth server or FHIR server)? This will help us track down the call stack to confirm the app and configuration.

Thanks,

Jenni

nadim zafar

unread,

Sep 25, 2018, 9:19:24 AM9/25/18

to cerner-fhir...@googlegroups.com

sure.

Cerner-Correlation-ID →9c6c3fbb-bf77-4bc1-af26-45322925dd1c

Thanks Syed.

Regards,

Nadim

--
You received this message because you are subscribed to the Google Groups "Cerner FHIR Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cerner-fhir-devel...@googlegroups.com.
To post to this group, send email to cerner-fhir...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cerner-fhir-developers/b3ac271b-87d8-4d99-b1da-533248a00d05%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Jenni Syed (Cerner)

unread,

Sep 26, 2018, 2:21:52 PM9/26/18

to Cerner FHIR Developers

To summarize: after investigation we noted that the app being used here was authorized for a different set of functionality and scopes, and the scope above wasn't in the list of authorized scopes for the app. In non-production and sandbox, this can be addressed my selecting additional scopes (though you should make sure you have separate apps built for things that are truly separate workflows and use cases/applications).

In production, this takes a request sent in to update config or onboard another application.

~ Jenni

Reply all

Reply to author

Forward