Create Patient & system.Patient.write access token


Abhilash Kokkonda

Sep 23, 2021, 6:08:48 AM
to Cerner FHIR Developers
Hi Cerner team,

    Need your help with the create patient API call. We are trying to create a patient in the Sandbox environment. To fetch the access token, we are passing system/Patient.write in scope, but we are getting an error while fetching the token.

    We also tried passing this Patient.write scope along with other scopes like system/Slot.read system/Patient.read system/Appointment.read system/Appointment.write system/Patient.write. We got the access token, but the scope of the access token doesn't include the Patient.write scope.
Access Token Request With Patient.write only Scope:
    X-Request-Id: 22af46e5-7f11-4c7a-98f0-da37fed467bf
    {
        "error": "unauthorized_client",
    }
Access Token Request Along with other scopes:
    X-Request-Id: dd6c7a75-8503-40a9-8c49-2b8b611db173
    {
        "access_token": <valid token>,
        "scope": "system/Slot.read system/Patient.read system/Appointment.read system/Appointment.write",
        "token_type": "Bearer",
        "expires_in": 570
    }
    Here the scope in the response doesn't have Patient.write access.
So if we use the access token, we are getting an unauthorised error for the create patient API call:
    X-Request-Id: a5ea78c4-9e20-4934-af6d-8d96ef11ce08
    {
        "resourceType": "OperationOutcome",
        "issue": [
            {
                "severity": "error",
                "code": "forbidden",
                "diagnostics": "Bearer realm=\"fhir-ehr-code.cerner.com\", error=\"insufficient_scope\"",
                "expression": [
                    "http.Authorization"
                ]
            }
        ]
    }

Thanks in advance,
Abhilash

Fenil Desani (Cerner)

Sep 23, 2021, 3:20:02 PM
to Cerner FHIR Developers
Hello,

Your App registration in the Code Console does not have patient.write scopes and hence they are not granted in the Auth flow.

Thanks,
Fenil
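
Added example, not part of the original thread and not Cerner code: a client-side check that compares the requested scopes with the `scope` field of the token response, so a silently down-scoped token is caught before the FHIR call fails with `insufficient_scope`. The function names and sample bodies are constructed for illustration, modelled on the responses quoted above.

```python
import json
import re

def check_token_response(requested: str, body: str) -> dict:
    """Compare the scopes asked for with the scopes the server granted."""
    resp = json.loads(body)
    wanted = set(requested.split())
    if "error" in resp:
        # RFC 6749 section 5.2 error response, e.g. unauthorized_client
        return {"ok": False, "error": resp["error"], "missing": sorted(wanted)}
    # RFC 6749 section 5.1: "scope" may be omitted only when it is identical
    # to the request, so a present-but-shorter value means scopes were dropped.
    granted = set(resp.get("scope", requested).split())
    missing = sorted(wanted - granted)
    return {"ok": not missing, "error": None, "missing": missing}

def insufficient_scope(operation_outcome: str) -> bool:
    """True if a FHIR OperationOutcome carries error="insufficient_scope"."""
    outcome = json.loads(operation_outcome)
    for issue in outcome.get("issue", []):
        m = re.search(r'error="([^"]+)"', issue.get("diagnostics", ""))
        if m and m.group(1) == "insufficient_scope":
            return True
    return False

# Constructed sample inputs modelled on the responses quoted in the thread.
REQUESTED = ("system/Slot.read system/Patient.read system/Appointment.read "
             "system/Appointment.write system/Patient.write")
TOKEN_BODY = json.dumps({
    "access_token": "constructed-placeholder-token",
    "scope": ("system/Slot.read system/Patient.read "
              "system/Appointment.read system/Appointment.write"),
    "token_type": "Bearer",
    "expires_in": 570,
})
ERROR_BODY = json.dumps({"error": "unauthorized_client"})
OUTCOME_BODY = json.dumps({
    "resourceType": "OperationOutcome",
    "issue": [{
        "severity": "error",
        "code": "forbidden",
        "diagnostics": 'Bearer realm="fhir-ehr-code.cerner.com", error="insufficient_scope"',
        "expression": ["http.Authorization"],
    }],
})

if __name__ == "__main__":
    print(check_token_response(REQUESTED, TOKEN_BODY))
    print(check_token_response("system/Patient.write", ERROR_BODY))
    print(insufficient_scope(OUTCOME_BODY))
```

A non-empty `missing` list points at the app registration rather than at the request itself, which matches the answer given in the thread.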
