Cerner Sandbox Environment - unauthorized_client

255 views

authorization

Skip to first unread message

Assigned to Fenil....@cerner.com by me

Martin H

unread,

Jun 8, 2021, 6:17:48 AM6/8/21

to Cerner FHIR Developers

I have been using the read only sandbox environment for our web based application to do appointment book lookups and check availability for a proof of concept we are working on. This has been fine but I now want to be able to book and cancel appointments on the secure sandbox environment so require authentication and permissions to do this.

I have followed the instructions to register an application which looks to have been successful

App Name: Healthcomm Test

Client Id: 4b75c3a9-d618-4393-a561-536cb8d6e98d

App Id: 0f71e62b-8686-4538-a1f2-c39286ffe9a8

But I've tried all different types of methods to try and get a token or to make a call on the secured sandbox with no success. I am currently trying to get a token via postman

I am getting unauthorized_client when sending as basic auth header or invalid_client when sending as client credentials in body.

The URLs I'm using for authentication are...

Access Token URL : https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token

Auth URL : https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/personas/provider/authorize

Are you able to advise if everything is setup correctly on this account or if there's something I'm missing here? I've tried going through the guides and tried with every method I can think of but I just don't seem to be able to hit these endpoints

Thanks

Martin

Fenil Desani (Cerner)

unread,

Jun 11, 2021, 9:44:58 AM6/11/21

to Cerner FHIR Developers

Hello,

Are you using Basic Auth workflow to get token?

Can you also share the correlationId?

Thanks,

Fenil (Cerner)

Martin H

unread,

Jun 14, 2021, 5:22:39 AM6/14/21

to Cerner FHIR Developers

Hi Fenil,

Yes, using basic auth headers, correlation ID below

POST https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token400

727 ms

▶Network

▶Request Headers

Content-Type: application/x-www-form-urlencoded

Authorization: Basic NGI3NWMzYTxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

User-Agent: PostmanRuntime/7.28.0

Accept: */*

Cache-Control: no-cache

Postman-Token: b5a7368c-bea6-4599-8dfc-47bf2e8d4771

Host: authorization.cerner.com

Accept-Encoding: gzip, deflate, br

Connection: keep-alive

Content-Length: 36

▶Request Body
1. grant_type: "client_credentials"
2. scope: ""

▶Response Headers

Expect-CT: enforce, max-age=30

Access-Control-Allow-Origin: *

Access-Control-Allow-Methods: OPTIONS, POST

Access-Control-Allow-Headers: Content-Type, Authorization, Accept, Cerner-Correlation-Id

Cache-Control: no-store

Pragma: no-cache

Cerner-Correlation-ID: b1f62f1c-dd66-4ab0-a78c-2a564e0a19ca

Content-Type: application/json;charset=UTF-8

Content-Length: 296

Date: Mon, 14 Jun 2021 09:05:16 GMT

X-Cnection: close

Server: cloud_authorization_server1

Strict-Transport-Security: max-age=631138519; includeSubDomains

▶Response Body

{"error":"unauthorized_client","error_uri":"https://authorization.cerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Aempty-scopes/instances/b1f62f1c-dd66-4ab0-a78c-2a564e0a19ca?client=4b75c3a9-d618-4393-a561-536cb8d6e98d&tenant=ec2458f2-1e24-41c8-b71b-0e701af7583d"}

Martin H

unread,

Jun 14, 2021, 7:15:56 AM6/14/21

to Cerner FHIR Developers

I have resolved this now, I was missing scope which resolved the issue

Thanks

Reply all

Reply to author

Forward

This conversation is locked

You cannot reply and perform actions on locked conversations.

0 new messages