Hello,
I am using the recommended Ruby client library for FHIR/OAuth2, following are my app registration details
Client Id: ea8c6477-cd97-4769-a791-2a91d7ad42b9
App Id: 5d7353a0-8d8d-4921-9596-2a41cbaee631
Redirect URI: https://localhost:3000/smart-on-fhir
App Type: provider
FHIR Spec: dstu2 - "https://fhir-ehr.sandboxcerner.com/dstu2/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca"
Authorized:
true
Scopes: .....
This app is intended to be used by nurses to access patient data.
Here is very simple ruby script I use to test basic OAuth2 access to Cerner sandbox and here is the output showing invalid client error returned.
{"error":"invalid_client","error_uri":"https://authorization.sandboxcerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Ainvalid-authorization-header/instances/c6d8d822-3cc6-434f-9b25-fe00194b4814?client=unknown&tenant=0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca"}
Do I need a client_secret to successfully authenticate in sandbox? If so where can I find one.
I have also tried to use the 'dstu2' branch and that doesn't seem to be working out of the box, complains about missing 'fhir_models'
Thanks in advance for your help.
Best Regards,
Daya
--
You received this message because you are subscribed to a topic in the Google Groups "Cerner FHIR Developers" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/cerner-fhir-developers/djdi2I90jxo/unsubscribe.
To unsubscribe from this group and all its topics, send an email to cerner-fhir-devel...@googlegroups.com.
To post to this group, send email to cerner-fhir...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cerner-fhir-developers/8b161d12-92cc-4d67-841b-7e16b34d6fd4%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Hi Jenni,Thanks for your response as mentioned earlier, the app is registered App Type: provider the app is designed for nurses to access patient and receive reminders even without active session.The client_id is invisible because of log levels but is a part of the HTTP call.Regards,Daya
On Tue, Oct 2, 2018 at 1:15 PM 'Jenni Syed (Cerner)' via Cerner FHIR Developers <cerner-fhir-developers@googlegroups.com> wrote:
Hi Daya,--Based on your trace below, I don't see the body, so it's hard to say explicitly *why* it's missing, but I suspect the POST body and/or authorization header is missing the required fields as described on our authorization documentation (and shown in examples). Specifically, at least your client id is missing, and there could be other pieces missing depending on the grant type the app is using. How is your application registered in the code console? Does it do access on behalf of a user (patient or provider type)? Or access on behalf of a system (system type)?You can see the steps to register, and that there's an additional step required if your application requires offline_access (the only use case we support for confidential apps) or requires access on behalf of a system/without a user being logged in: https://fhir.cerner.com/authorization/#registrationAlso, for future reference, we usually need just the correlation id (if an error from authorization) or the x-request-id (if an error on the FHIR server) to troubleshoot. If we need more info, we can reach out to you. This approach helps avoid posting sensitive information to public groups, especially once your app moves to prod :)~ Jenni
You received this message because you are subscribed to a topic in the Google Groups "Cerner FHIR Developers" group.
To post to this group, send email to cerner-fhir-developers@googlegroups.com.