Hi Cerner,
I have some have problems with Authorization.
I got the public sandbox to work and was able to get physicians and patients using API calls.
But when I try a bearer token call thru Authorization, I get a 403 Forbidden Error
Here how I setup authorization to first:
I encoded64 client:sercet for Basic Authorization
Send API call
with
Authorization: Basic {encoded client:sercet}
Body: grant_type=client_credentials&scope=system%2FPatient.read
Accept: application/json
Content-Type: application/x-www-form-urlencoded
Then I used the access token part of the response as a Bearer token for my next call.
When I use my Bearer Token on my next call I get 403 Forbidden error.
{
"resourceType": "OperationOutcome",
"issue": [
{
"severity": "error",
"code": "forbidden",
"diagnostics": "Tenant [mQjCqHb5rkr1u1foU4dqhQPBpi7Qk9R4] not valid or accessible"
}
]
}
The weird part is:
I am able to access physicians list (/Practitioner?active=true) with bearer token authorization. It gives me a long list of practitioners.
But I cannot access anything else like patient (/Patient/{value}).
Can you help me?
How can it get facilities list with Authorization but can't get Patient call with the same call?
Does Patient have to be unlocked? (I sent grant_type=client_credentials&scope=system%2FPatient.read as GrantType during basic
Authorization)
Thank you,
Brad