Insufficient scope to read CareTeam?

59 views
Skip to first unread message

Denis Mulder

unread,
Dec 5, 2018, 6:26:37 PM12/5/18
to Cerner FHIR Developers
I am trying to get a care team by using GET https://fhir-myrecord.sandboxcerner.com/dstu2/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/Careplan/patient%3D4342010%26category%3Dcareteam

I am getting the following insufficient scope error:


HTTP/1.1 403 Forbidden
Connection: keep-alive
x-amzn-RequestId: 125a4e13-f8e4-11e8-87c1-fd93ca967c8e
x-amzn-ErrorType: AccessDeniedException
x-amz-apigw-id: RdNumGNyPHcF48A=
X-Cache: Error from cloudfront
X-Amz-Cf-Id: U82DBSjJZxj2KnHpZ5Gwo8RND0BIqmjPrdqUDjX30X3g-TSRR-V7CQ==
Content-Length: 1
Content-Type: text/html
Date: Wed, 05 Dec 2018 23:18:27 GMT
WWW-Authenticate: Bearer realm="Cerner Millennium",  error="insufficient_scope"

My requested scope was:

patient/Observation.read patient/AllergyIntolerance.read patient/Condition.read patient/Procedure.read patient/MedicationStatement.read patient/MedicationOrder.read patient/CarePlan.read patient/CareTeam.read patient/Goal.read patient/Device.read patient/DocumentReference.read patient/Binary.read patient/DiagnosticReport.read user/Practitioner.read patient/Patient.read offline_access launch/patient

I am getting the same error if I use user/CareTeam.read

I am able to see the CarePlan, just not the CareTeam.

What am I doing wrong?

Denis Mulder

unread,
Dec 5, 2018, 9:23:08 PM12/5/18
to Cerner FHIR Developers
Could this be because the web portal for the app registration does not show patient/CareTeam as an option? Could somebody give my app that CareTeam scope?

Jenni Syed (Cerner)

unread,
Dec 7, 2018, 9:53:33 AM12/7/18
to Cerner FHIR Developers
Hi Denis,

Just following up: It looks like you found the original thread and got an answer over here: https://groups.google.com/d/msg/cerner-fhir-developers/0sWebtglL3E/PT66H2B-BAAJ

~ Jenni

Denis Mulder

unread,
Dec 7, 2018, 10:15:07 AM12/7/18
to Cerner FHIR Developers
Well, the answer was that the CareTeam people are working on a solution. In the mean time, would it be possible to give my app permission to read the CareTeam resources. This option is not exposed on your app registration webpage. But I understand from this forum that you can give that permission to the app behind the UI?
Reply all
Reply to author
Forward
0 new messages