Hi Cerner team,
Need your help in create patient API call. We are trying to create a patient in Sandbox environment. To fetch the access token, we are passing system/Patient.write in scope, but, we are getting error while fetching token.
We also tried passing this Patient.write scope along with other scopes like system/Slot.read system/Patient.read system/Appointment.read system/Appointment.write system/Patient.write. We got the access token, but the scope of the access token is doesn't include Patient.write scope
Access Token Request With Patient.write only Scope:
X-Request-Id: 22af46e5-7f11-4c7a-98f0-da37fed467bf
{
"error": "unauthorized_client",
}
Access Token Request Along with other scopes
X-Request-Id: dd6c7a75-8503-40a9-8c49-2b8b611db173
{
"access_token": <valid token>,
"scope": "system/Slot.read system/Patient.read system/Appointment.read system/Appointment.write",
"token_type": "Bearer",
"expires_in": 570
}
Here the scope in the response doesn't have Patient.write access
So if we use the access token, we are getting unauthorised error for create patient API call
X-Request-Id: a5ea78c4-9e20-4934-af6d-8d96ef11ce08
{
"resourceType": "OperationOutcome",
"issue": [
{
"severity": "error",
"code": "forbidden",
"expression": [
"http.Authorization"
]
}
]
}
Thanks in advance,
Abhilash