{"statusCode":401,"body":"{\"error\":\"invalid_client\",\"error_uri\":\"https://authorization.cerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Ainvalid-authorization-header/instances/b47649b4-b29c-48f3-afea-f4ce68fb85d0?tenant=ec2458f2-1e24-41c8-b71b-0e701af7583d\"}","headers":{"expect-ct":"enforce, max-age=30","www-authenticate":"Basic realm=\"CernerCare\"","access-control-allow-origin":"*","access-control-allow-methods":"OPTIONS, POST","access-control-allow-headers":"Content-Type, Authorization, Accept, Cerner-Correlation-Id","cache-control":"no-store","pragma":"no-cache","cerner-correlation-id":"b47649b4-b29c-48f3-afea-f4ce68fb85d0","content-type":"application/json;charset=UTF-8","content-length":"263","date":"Mon, 12 Jul 2021 22:18:10 GMT","server":"cloud_authorization_server1","connection":"close","strict-transport-security":"max-age=631138519; includeSubDomains"},"request":{"uri":{"protocol":"https:","slashes":true,"auth":null,"host":"authorization.cerner.com","port":443,"hostname":"authorization.cerner.com","hash":null,"search":null,"query":null,"pathname":"/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token","path":"/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token","href":"https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token"},"method":"POST","headers":{"Accept":"application/json","content-type":"application/x-www-form-urlencoded","content-length":177}}}
Roshaan, as the other responder said it may be the case that you don’t need the Authorization header, but if you’ve configured to receive a refresh token I think you probably do … and in that case, your format is still not quite right. The format of the authorization header is “Basic “ + the base 64 encoding of the string formed by concatenating the client id, a “:” and the client secret. See example code here: https://github.com/seanno/shutdownhook/blob/v1/toolbox/src/main/java/com/shutdownhook/toolbox/WebRequests.java#L92 and the spec here: https://hl7.org/fhir/smart-app-launch/basic-auth-example/index.html
Let us know how it goes!
---S
--
You received this message because you are subscribed to a topic in the Google Groups "Cerner FHIR Developers" group.
To unsubscribe from this topic, visit
https://groups.google.com/d/topic/cerner-fhir-developers/M0N6BBTTJnA/unsubscribe.
To unsubscribe from this group and all its topics, send an email to
cerner-fhir-devel...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/cerner-fhir-developers/964b78a1-dfc3-47b6-a473-fc10ceaade6cn%40googlegroups.com.
{"error":"invalid_grant","error_uri":"https://authorization.cerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Acode-invalid-or-expired/instances/e3dcc972-486f-446d-b808-262dd206a091?tenant=ec2458f2-1e24-41c8-b71b-0e701af7583d","expires_at":"20210715T12:46:50"}
I know that code is not reusable and it has expired, but I am making a new set of API calls which are in this order: