unsupported_grant_type

[Venkata Boddeti]

If this is a question about an error or issue you are seeing, please fill out the following fields:

• Issue Summary:  I am receiving 400 when try to get access code. What is wrong with the following request? Please let me know.

Here is my request

Post https://authorization.sandboxcerner.com/tenants/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/protocols/oauth2/profiles/smart-v1/token

User-Agent: Fiddler
Host: authorization.sandboxcerner.com
Accept: Application/json
Content-Type: application/x-www-form-urlencoded
Connection: keep-alive
grant_type: client_credentials
Authorization: Basic userid:password(in Base64)
Content-Length: 0

Here is the response that I received

HTTP/1.1 400

Access-Control-Allow-Origin: *

Access-Control-Allow-Methods: OPTIONS, POST

Access-Control-Allow-Headers: Content-Type, Authorization, Accept, Cerner-Correlation-Id

Cache-Control: no-store

Pragma: no-cache

Cerner-Correlation-ID: ca390d76-5863-4826-82a7-befb18f4712b

Content-Type: application/json;charset=UTF-8

Content-Length: 272

Date: Tue, 24 Apr 2018 19:07:23 GMT

X-Cnection: close

Server: cloud_authorization_server1

Strict-Transport-Security: max-age=631138519; includeSubDomains

　

{"error":"unsupported_grant_type","error_uri":"https://authorization.sandboxcerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Aunsupported-grant-type/instances/ca390d76-5863-4826-82a7-befb18f4712b?tenant=0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca"}

[Jenni Syed (Cerner)]

Hi,

It looks like nothing was sent in the body of the request for this. Those parameters look like they may have all been sent as headers instead of form encoded parameters in the body.

An example of what the headers vs. body should look like can be seen here (the last line is the body): http://fhir.cerner.com/authorization/#requesting-authorization-on-behalf-of-a-system

~ Jenni

[Venkata Boddeti]

Jenni,

Thanks for the quick reply. I have tried with the following request and headers. But, still got 400 error. Can you please let me know the issue with this request?

https://authorization.sandboxcerner.com/tenants/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/protocols/oauth2/profiles/smart-v1/token/?grant_type=authorization_code&code=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&client_id=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx");

Host: authorization.sandboxcerner.com
Accept: application/json
Content-Type: application/x-www-form-urlencoded
Authorization: Basic xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=

Thanks, Venkata

[Jenni Syed (Cerner)]

Hi Venkata,

That requests looks like it's using the auth code flow. Is the app built to use access on behalf of a user or access on behalf of a system? If access on behalf of a system:

POST /tenants/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/protocols/oauth2/profiles/smart-v1/token

Headers:

Authorization: Basic YmIzMThhNjItZmE2MS00OWFlLWI2OTItN2Q5OTIxNGYwZWM3OnNlY3JldA== (replace with your actual clientid:secret base64 encoded)

Accept: application/json

Content-Type: application/x-www-form-urlencoded

Body:

grant_type=client_credentials&scope=system%2FObservation.read

Note: I used the system/Observation.read scope in the example, you would replace with the list of scopes the application needs.

Regards,

Jenni

[Venkata Boddeti]

Hi Jenni,

I did setup the header and body as you suggested. Received the following error response. Can you please let me know the cause for this failure?

HttpResponseProxy{HTTP/1.1 400 [Access-Control-Allow-Origin: *, Access-Control-Allow-Methods: OPTIONS, POST, Access-Control-Allow-Headers: Content-Type, Authorization, Accept, Cerner-Correlation-Id, Cache-Control: no-store, Pragma: no-cache, Cerner-Correlation-ID: eb6443f7-0079-46ac-a8c4-5e6adc579894, Content-Type: application/json;charset=UTF-8, Content-Length: 303, Date: Thu, 26 Apr 2018 00:23:31 GMT, X-Cnection: close, Server: cloud_authorization_server1, Strict-Transport-Security: max-age=631138519; includeSubDomains] ResponseEntityProxy{[Content-Type: application/json;charset=UTF-8,Content-Length: 303,Chunked: false]}}

Thanks, Venkata

[Jenni Syed (Cerner)]

Venkata,

The error seems to be complaining that there were no scopes provided in the request.

Regards,

~ Jenni

[Venkata Boddeti]

Jenni,

This issue got resolved. The changes that fixed the issue, updated launch url to the servlet that I am calling from. It is working now. My next step is to update the resources Patient and Observation. Thanks for your help.

Thanks, Venkata

[Venkata Boddeti]

Jenni,

I am trying to create a resource and getting 400 bad request response. Please see the response below. Can you please let me know the cause for this error?

Headers for this request is : Authorization bearer, content_type:application/json, accept:application.json

HttpResponseProxy{HTTP/1.1 400 Bad Request [Content-Type: application/json; charset=utf-8, Content-Length: 38, Connection: keep-alive, Date: Fri, 27 Apr 2018 16:17:58 GMT, x-amzn-RequestId: 8c9b56b3-4a36-11e8-b3c0-f11239f66d0f, x-amzn-Remapped-Content-Length: 38, X-Request-Id: 8c9b56b3-4a36-11e8-b3c0-f11239f66d0f, Server-Response-Time: 5.911633, x-amz-apigw-id: GAkAeFHDvHcFhdw=, Vary: Origin,User-Agent, Cache-Control: no-cache, no-store, max-age=0, must-revalidate, Status: 400 Bad Request, Expires: Fri, 01 Jan 1990 00:00:00 GMT, Pragma: no-cache, x-amzn-Remapped-Date: Fri, 27 Apr 2018 16:17:58 GMT, X-Cache: Error from cloudfront, Via: 1.1 aacaf57a89a827fd9e2cbb6fe0d21e43.cloudfront.net (CloudFront), X-Amz-Cf-Id: 5AqA1ZfLQKx_qUwm0ETsh0UrovR6E9BTfwMj52aXZWFRaDhz7wiYHA==] ResponseEntityProxy{[Content-Type: application/json; charset=utf-8,Content-Length: 38,Chunked: false]}}

{"status":"400","error":"Bad Request"}

Thanks, Venkata

[Max Philips (Cerner)]

Hi Venkata,

The JSON POST body in that request was formatted incorrectly.

Thanks,

Max (Cerner)

[Venkata Boddeti]

Hi Max,

I made changes to the post request to create Patient. But received 404 error. Not sure why I am getting 404 when creating the resource. Here is the x-request-id. Can you please let me know the cause for this issue?

X-Request-Id: 947f837b-4b58-11e8-872f-d92fb47b51a4

Thanks, Venkata

[Max Philips (Cerner)]

Hi Venkata,

That request was sent to our open endpoint - writes are supported only on the closed endpoint (fhir-ehr or fhir-myrecord).

Thanks,

Max (Cerner)

[Venkata Boddeti]

Hi Max,

Thanks for quick reply.

I am having issue creating appointment. The http error I received 422 Unprocessable Entity. Please see below. I am trying to create appointment with secure sandbox. The headers for this request are Authorizaiton bearer, Content-type:applicaiton\json+fhir, accept: application\json+fhir.

Body and response are  below.

{ "resourceType": "Appointment","slot": { "reference": "Slot/21265426-633867-6828001-90" }, "participant": [ { "actor": { "reference": "Patient/713931", "display": "PATIENT, TEST" }, "status": "needs-action" } ], "status": "proposed" }

HttpResponseProxy{HTTP/1.1 422 Unprocessable Entity [Date: Mon, 30 Apr 2018 14:35:15 GMT, Cache-Control: no-cache, Vary: Origin,User-Agent,Accept-Encoding, Strict-Transport-Security: max-age=631152000, Server-Response-Time: 914.046754, X-XSS-Protection: 1; mode=block, Pragma: no-cache, X-Request-Id: 64ba2f55fb0988d5a00ede11e42a4851, X-Frame-Options: SAMEORIGIN, X-Content-Type-Options: nosniff, Expires: Fri, 01 Jan 1990 00:00:00 GMT, Status: 422 Unprocessable Entity, Transfer-Encoding: chunked, Content-Type: text/plain; charset=utf-8] ResponseEntityProxy{[Content-Type: text/plain; charset=utf-8,Chunked: true]}}

Thanks, Venkata

--
You received this message because you are subscribed to the Google Groups "Cerner FHIR Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cerner-fhir-developers+unsub...@googlegroups.com.
To post to this group, send email to cerner-fhir-developers@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cerner-fhir-developers/61f38b1c-5445-4780-945a-a0b8d6cc5fcd%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.

[Max Philips (Cerner)]

Hi Venkata,

Going forward, would you please open new threads for each issue you run into? That will help future readers of the group quickly find scenarios that they may be running into. Thanks!

For the 422 you are seeing when creating an Appointment - Appointments must be booked into free Slots.  The Slot you are using is from October 4th, 2017 and is busy.  Slot.freeBusyType is the field on the Slot API that indicates whether a Slot is available for booking ('free') or not ('busy').

Here's a Slot search for Slots this week (2018-04-30 to 2018-05-04):

https://fhir-open.sandboxcerner.com/dstu2/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/Slot?slot-type=http://snomed.info/sct|394581000&-location=633867&start=ge2018-04-30&start=lt2018-05-04

Accept: application/json+fhir

Grab a 'free' Slot from those results and try using it with your Appointment create request.

Thanks,

Max (Cerner)

[Venkata Boddeti]

Max,

Thanks for the response. I will try again with your input. I will start a new thread for each issue.

Thanks, Venkata