How to get bearer token from Postman?

[Richard Rao]

Please help me on this.  I want to test it out on Postman.  I do have a system account.

[Tim Dean]

I don't speak for Cerner, but here is what I have done to get this working in Postman:

1) Issue a GET to the Cerner tenant's metadata endpoint:

GET https://<cerner_fhir_base_url>/r4/<tenant_id>/metadata

2) Retrieve the token URL from the response, by looking under the rest[0].security.extension[0] JSON array and finding the value URI associated with the url "token". That is the token endpoint you will need to generate your access bearer token.

3) Issue a POST to the token endpoint using a body type of x-www-form-urlencoded and with the following body parameters:

* grant_type - Should be set to client_credentials

* scope - Should be set to a space-delimited list of the FHIR scopes you are requesting access to. The list of scopes must typically be chosen from those that have been registered with Cerner Ignite's auth service for your system application

You will also need to set the Authorization section in Postman for this request to use Basic auth. The user name should be set to the account ID for your the system account. The password should be the client secret for your system account.

4) Parse the response JSON to extract the access_token property - That is your new bearer token. The expiration time for that bearer token can be computed using the expires_in property of the response