Skip to first unread message
Assigned to Fenil....@cerner.com by me
Matt Moore
Jul 21, 2021, 11:28:37 AM7/21/21
to Cerner FHIR Developers
I'm trying to do a basic Patient search after retrieving a token successfully using my system account - https://fhir-ehr-code.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/R4/Patient?birthdate=2008-01-06&gender=Male&given=Timothy&family=Bixby
I get "diagnostics": "Bearer realm=\"fhir-ehr-code.cerner.com\", error=\"insufficient_scope\". Request id is - X-Request-Id: d2e12661-d31f-48aa-ac99-33cda2a31e8d.
I am specifying the "system/Patient.read" scope in my auth token request that I send to https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token.
So, I think I should get a no patients found response here given that I should have appropriate scope for Patient.read.
Anything I'm missing? I've read and reread the system auth documentation and I don't think I'm missing anything.
Fenil Desani (Cerner)
Jul 21, 2021, 5:09:51 PM7/21/21
to Cerner FHIR Developers
Hello,
The API call to search for patients looks incorrect. Please refer http://fhir.cerner.com/millennium/r4/base/individuals/patient/#search
Also, when you make the call to token endpoint to get access token, is system/Patient.read scope returned in the response?
Also, when you make the call to token endpoint to get access token, is system/Patient.read scope returned in the response?
Thanks,
Fenil
Matt Moore
Jul 26, 2021, 5:39:20 PM7/26/21
to Cerner FHIR Developers
Oh jeez, that was definitely it. My app was inadvertently sticking an `/R4` in the URL. My bad!
Looks like the scope in the token was in good shape all along.
Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages