Groups
Groups
Conversations
All groups and messages
Send feedback to Google
Help
Training
Sign in
Groups
Groups
Oracle Cerner FHIR Developers
Conversations
Labels
About
insufficient_scope
70 views
authorization
patient
Skip to first unread message
Assigned to Fenil....@cerner.com by me
Matt Moore
unread,
Jul 21, 2021, 11:28:37 AM
7/21/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Cerner FHIR Developers
I'm trying to do a basic Patient search after retrieving a token successfully using my system account -
https://fhir-ehr-code.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/R4/Patient?birthdate=2008-01-06&gender=Male&given=Timothy&family=Bixby
I get "diagnostics": "Bearer realm=\"
fhir-ehr-code.cerner.com
\", error=\"insufficient_scope\". Request id is - X-Request-Id: d2e12661-d31f-48aa-ac99-33cda2a31e8d.
I am specifying the "system/Patient.read" scope in my auth token request that I send to
https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token
.
So, I think I should get a no patients found response here given that I should have appropriate scope for Patient.read.
Anything I'm missing? I've read and reread the system auth documentation and I don't
think
I'm missing anything.
Fenil Desani (Cerner)
unread,
Jul 21, 2021, 5:09:51 PM
7/21/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Cerner FHIR Developers
Hello,
The API call to search for patients looks incorrect. Please refer
http://fhir.cerner.com/millennium/r4/base/individuals/patient/#search
Also, when you make the call to token endpoint to get access token, is system/Patient.read scope returned in the response?
Thanks,
Fenil
Matt Moore
unread,
Jul 26, 2021, 5:39:20 PM
7/26/21
Reply to author
Sign in to reply to author
Forward
Sign in to forward
Delete
You do not have permission to delete messages in this group
Copy link
Report message
Show original message
Either email addresses are anonymous for this group or you need the view member email addresses permission to view the original message
to Cerner FHIR Developers
Oh jeez, that was definitely it. My app was inadvertently sticking an `/R4` in the URL. My bad!
Looks like the scope in the token was in good shape all along.
Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages