Unable to search encounters, "insufficient_scope" error

93 views
Skip to first unread message
Assigned to Davis....@Oracle.com by me

E B

unread,
Nov 12, 2022, 12:07:53 AM11/12/22
to Oracle Cerner FHIR Developers
Hello,

I am attempting to search for encounters associated with a particular patient.

I am able to read the patient's data successfully with this request:


X-Request-Id: e6fb7ee1-2a71-4b15-804e-d600ddf7887a+2166_1RWL

However, when I attempt to search for that patient's encounters, I receive an "insufficient_scope" error. Here's the request:


X-Request-Id: cacb6fea-5ee9-4270-9b6a-5df36d8bc551+5273_M1PO

I'm not sure what the problem is. We have the 'Encounter' scope fully enabled for our app in the code console.

App ID: 6663df88-ef26-4f23-b97b-93460d1b2eaf
Client ID: 9dc270b2-6a75-4e8c-bc03-b5e3d103f74a

Could someone from Cerner take a look at the X-Request-Id for the Encounter search and advise what the problem is?

Thank you!

E B

unread,
Nov 15, 2022, 3:39:52 PM11/15/22
to Oracle Cerner FHIR Developers
Could someone from Cerner weigh in on this?

From what I can see on this message board, other users with a similar issue eventually required Cerner assistance to review scoping and make adjustments.

From what I can see in Cerner Central and Code Console, the appropriate Encounter scopes are already enabled for our application.

Thank you!

E B

unread,
Nov 20, 2022, 10:48:00 PM11/20/22
to Oracle Cerner FHIR Developers
Anyone from Cerner on here?

Davis Christi (Oracle Cerner)

unread,
Nov 21, 2022, 3:56:20 PM11/21/22
to Oracle Cerner FHIR Developers
Apologies for the delay.
I am looking into this. Would post back into what I find.

Thank you
Davis (Oracle Cerner)

Davis Christi (Oracle Cerner)

unread,
Nov 21, 2022, 4:21:38 PM11/21/22
to Oracle Cerner FHIR Developers
Hello,

X-Request-Id: cacb6fea-5ee9-4270-9b6a-5df36d8bc551+5273_M1PO
So looking into the "insufficient_scope" error for Encounter search on patient, I see that the authorization token generated, does not have "user/Encounter.read" scope defined.
You are passing down Observation and Patient resource scopes. You need to pass down "user/Encounter.read" scope for the request to be processed.

X-Request-Id: e6fb7ee1-2a71-4b15-804e-d600ddf7887a+2166_1RWL
For the patient retrieval, I see that this has a HTTP status of 200. Are you saying you are not able to see any data for this? Which I would doubt since its a Read call and for empty response it should be a 404 Not Found.

Thank you
Davis (Oracle Cerner)

E B

unread,
Nov 21, 2022, 4:53:27 PM11/21/22
to Oracle Cerner FHIR Developers
Hi Davis,

Thank you for the clarification! I'll revise that authorization and re-test.
Reply all
Reply to author
Forward
0 new messages