We have registered a Sandbox App as below
Client Id: ec1ec9ab-05e5-4e12-b6c1-357cec375ceb
App Id: 654a485f-7e7e-4390-b709-8966654c0b24
SMART Launch URI:
https://localhost:44304/SmartClient/Redirect URI:
https://localhost:44304/SMARTArchive/APPID/App Type: providerFHIR Spec: dstu2 - "
https://fhir-ehr-code.cerner.com/dstu2/ec2458f2-1e24-41c8-b71b-0e701af7583d"
Authorized: true
Standard Scopes: launch profile fhirUser openid online_access
Patient Scopes: patient/Patient.read
User Scopes: user/Patient.read user/Person.read
user/Practitioner.read
As you can see, it is a provider app, and it has Practioner.read scope.
It lauches our SMART app without any issues, we are also being given the token response well and trying to get the user information using access token but it resulted in the insufficient_scope error when trying to access the user ID url
{
"resourceType": "OperationOutcome",
"issue": [
{
"severity": "error",
"code": "forbidden",
"location": [
"http.Authorization"
]
}
]
}
How to fix this error.