Scopes limit for provider app

40 views
Skip to first unread message
Assigned to Fenil....@cerner.com by me

Abdul Rehman

unread,
Jan 14, 2022, 10:35:45 AMJan 14
to Cerner FHIR Developers
Hi,

We are building something within the sandbox environment for a provider app. Our understanding is that we can request as many scopes as needed during authorization (source: here).

However, when we list all the scopes that we have for our provider app, we end up getting the following error:


temp.png

Here are the list of scopes we are using during authentication (all of them are already ticked in our app):

patient/ServiceRequest.read
patient/Schedule.read
patient/Slot.read
patient/ServiceRequest.write
user/Procedure.write
patient/AllergyIntolerance.write
patient/Basic.write
patient/Coverage.write
patient/DocumentReference.write
patient/Immunization.write
patient/MedicationRequest.write
patient/Provenance.write
patient/QuestionnaireResponse.write
patient/AllergyIntolerance.read
patient/Binary.read
patient/Consent.read
patient/Device.read
patient/DocumentReference.read
patient/Encounter.read
patient/Goal.read
patient/Immunization.read
patient/MedicationRequest.read
patient/NutritionOrder.read
patient/Questionnaire.read
patient/QuestionnaireResponse.read
user/AllergyIntolerance.read
user/Binary.read
user/CareTeam.read
user/Condition.read
user/Consent.read
user/Device.read
user/DocumentReference.read
user/Goal.read
user/Immunization.read
user/MedicationRequest.read
user/NutritionOrder.read
user/QuestionnaireResponse.read
user/Basic.write
user/Communication.write
user/Condition.write
user/Coverage.write
user/DocumentReference.write
user/Encounter.write
user/Immunization.write
user/MedicationRequest.write
user/Provenance.write
user/QuestionnaireResponse.write
online_access
launch

Abdul Rehman

unread,
Jan 14, 2022, 1:07:05 PMJan 14
to Cerner FHIR Developers
Is this expected behavior? what is the current scopes limit for authentication? 

Fenil Desani (Cerner)

unread,
Jan 18, 2022, 10:49:05 AMJan 18
to Cerner FHIR Developers
Hello,

This is expected behavior based on the max. allowed size for the token.
While you can have as many scopes as needed, is there a real need for all those scopes?

Thanks,
Fenil

Reply all
Reply to author
Forward
0 new messages