Getting 403 forbidden when creating Condition resource

49 views
Skip to first unread message

Venkata Boddeti

unread,
May 1, 2018, 12:36:48 PM5/1/18
to Cerner FHIR Developers
If this is a question about an error or issue you are seeing, please fill out the following fields:

  • Issue Summary: I am trying to post resource condition with secure sandbox. I have included headers authorization bearer, content-type:application/json and accept:application\json.
  • body:

    { "resourceType": "Condition", { "patient": { "reference": "Patient/4912007", "display": "Person, Name" } }, { "code": { "coding": [ { "system": "http://hl7.org/fhir/sid/icd-9-cm", "code": "345.0", "display": "Generalized nonconvulsive epilepsy", "userSelected": true } ], "text": "Absence seizures" } }, { "verificationStatus": "confirmed" } }

I am receiving 403 forbidden with this request.

  • X-Request-Id or CorrelationId:

    daac6bf3a4140009de4883aedff68752

Max Philips (Cerner)

unread,
May 1, 2018, 12:49:19 PM5/1/18
to Cerner FHIR Developers
Hi Venkata,

When you receive a 403, check the WWW-Authenticate response header - in this case you should have seen:
WWW-Authenticate Bearer realm="fhir-ehr.sandboxcerner.com", error="insufficient_scope"

The access token used for that request had only the system/Patient.write scope, so it was rejected on a Condition request. When you see the insufficient scope error message, it will be due to scenarios like this.

Thanks,
Max (Cerner)

Venkata Boddeti

unread,
May 1, 2018, 4:45:41 PM5/1/18
to Cerner FHIR Developers
Max,

 I have defined multiple scopes and syntax was not correct. I corrected this and able to write Condition. Thanks for the quick response.

Thanks Venkata
Reply all
Reply to author
Forward
0 new messages