insufficient_scope

51 views
Skip to first unread message
Assigned to Fenil....@cerner.com by me

Matt Moore

unread,
Jul 21, 2021, 11:28:37 AM7/21/21
to Cerner FHIR Developers
I'm trying to do a basic Patient search after retrieving a token successfully using my system account - https://fhir-ehr-code.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/R4/Patient?birthdate=2008-01-06&gender=Male&given=Timothy&family=Bixby

I get "diagnostics": "Bearer realm=\"fhir-ehr-code.cerner.com\", error=\"insufficient_scope\". Request id is - X-Request-Id: d2e12661-d31f-48aa-ac99-33cda2a31e8d.

I am specifying the "system/Patient.read" scope in my auth token request that I send to https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token.

So, I think I should get a no patients found response here given that I should have appropriate scope for Patient.read.

Anything I'm missing? I've read and reread the system auth documentation and I don't think I'm missing anything.

Fenil Desani (Cerner)

unread,
Jul 21, 2021, 5:09:51 PM7/21/21
to Cerner FHIR Developers
Hello,

The API call to search for patients looks incorrect. Please refer http://fhir.cerner.com/millennium/r4/base/individuals/patient/#search
Also, when you make the call to token endpoint to get access token, is system/Patient.read scope returned in the response?

Thanks,
Fenil

Matt Moore

unread,
Jul 26, 2021, 5:39:20 PM7/26/21
to Cerner FHIR Developers
Oh jeez, that was definitely it. My app was inadvertently sticking an `/R4` in the URL. My bad!

Looks like the scope in the token was in good shape all along.

Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages