Redirect uri custom schema

[Oleksiy Kononenko]

I am working on a native standalone application for our doctors for internal use and i do not know what to set as my callback URL. I tried to use my custom schema `myclinicalviewer://` in fhir cerner console and my app got created https://code.cerner.com/developer/smart-on-fhir/apps/5f3100a1-d587-4aab-895b-bb05d1c8070a but now i can't update that url  because i am getting an error : Error! Failed to modify your SMART app. Please try again!

Is it a limitation of current platform? If so what should i put as redirect url back to my native app from Oauth2 workflow?

[Kol Kheang (Cerner)]

Hi Oleksiy,

This is not a valid scheme.  You'll need to put something else after the // part.  Please see this section 

Native Client Applications on Mobile Platforms from http://fhir.cerner.com/authorization/#requesting-authorization-on-behalf-of-a-system.

Ideally, it should be something similar to sample.application://callback.

Thanks,

Kol

[Oleksiy Kononenko]

I made progress finally. I am now able to get `authorization_code` redirected back to my application. Basically in native iOS app i open a webview in separate view that walks user thru Oath2 flow. If Authorization is successful webview redirects back to my app with using custom scheme that I defined with code parameter appended to redirect uri. The application then receives that url and i can parse out the needed code. 

However when i try to request an access token i get an error redirect URI is invalid. I do not get how it is possible because i get past first phase and receive authorization code:

curl -X POST \

  https://authorization.sandboxcerner.com/tenants/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/protocols/oauth2/profiles/smart-v1/token \

  -H 'Content-Type: application/x-www-form-urlencoded' \

  -d 'code=e87abbee-4831-4893-bbcc-03144c30204c&state=120d4e4b-91ef-1e55-de83-bbb2ed9a3b4f&client_id=d1214878-f40b-4eed-a312-345c92d07876&grant_type=authorization_code'​

Here is the Error:

"NativeApp" was attempting to request access to healthcare data with FHIR Play Millennium; unfortunately, the application doesnt appear to be compatible. If you require further assistance, please contact support.

Information to provide to Technical Support

Correlation ID

f7b9b7a8-707d-43f8-a08a-27bfabfb2307

Information to provide to NativeApp

The URI provided did not match the original request, or is not a valid URI.

Error Code

urn:cerner:error:authorization-server:oauth2:token:code-invalid-redirect-uri

[Oleksiy Kononenko]

Can anyone point me to right direction here? Thanks a lot

[Hank DeDona]

From what I'm seeing here, the error seems to specify that the redirect URI doesn't match. From what I can tell, your token request does not include a redirect_uri, but if you provided a redirect URI upon the authorization request then you must provide a redirect_uri upon the token request as per the spec [1]

[1] https://tools.ietf.org/html/rfc6749#section-4.1.3

[Oleksiy Kononenko]

That was it! thanks a lot.