authorization api not giving access token for resource type ‘’ in production

Skip to first unread message

Sep 24, 2018, 2:21:52 PM9/24/18
to Cerner FHIR Developers
I am trying to access diagnostic report api in prod.
I am trying to get access token using auth api-{my tenant id}/protocols/oauth2/profiles/smart-v1/token?......scope=system/

In response- I am not getting access token for resource type ‘’ 

APi response below has everything i requested but missing resource type ‘’


    "access_token": "<token>",

    "scope": "system/ system/Patient.write system/ system/ system/RelatedPerson.write",

    "token_type": "Bearer",

    "expires_in": 570


It works fine in sandbox.

any help will be highly appreciated.


Nadim Zafar

Adventist health system

Jenni Syed (Cerner)

Sep 25, 2018, 9:07:14 AM9/25/18
to Cerner FHIR Developers
Hi Nadim,

Can you provide a correlation id or x-request-id of one of your requests (returned in headers for all calls to the auth server or FHIR server)? This will help us track down the call stack to confirm the app and configuration.


nadim zafar

Sep 25, 2018, 9:19:24 AM9/25/18
Cerner-Correlation-ID →9c6c3fbb-bf77-4bc1-af26-45322925dd1c
Thanks Syed.


You received this message because you are subscribed to the Google Groups "Cerner FHIR Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
To post to this group, send email to
To view this discussion on the web visit
For more options, visit

Jenni Syed (Cerner)

Sep 26, 2018, 2:21:52 PM9/26/18
to Cerner FHIR Developers
To summarize: after investigation we noted that the app being used here was authorized for a different set of functionality and scopes, and the scope above wasn't in the list of authorized scopes for the app. In non-production and sandbox, this can be addressed my selecting additional scopes (though you should make sure you have separate apps built for things that are truly separate workflows and use cases/applications). 

In production, this takes a request sent in to update config or onboard another application. 

~ Jenni
Reply all
Reply to author
0 new messages