Invalid client

79 views
Skip to first unread message
Assigned to aaron....@cerner.com by me

Sylvester Sakilay

unread,
Jan 22, 2021, 3:52:13 PM1/22/21
to Cerner FHIR Developers
Hi,
I am getting "invalid client" error. It was working fine till recently. 

Appreciate help.

Thanks,
Sylvester

Sylvester Sakilay

unread,
Jan 22, 2021, 4:37:20 PM1/22/21
to cerner-fhir...@googlegroups.com
I have created an application and got client_id and secret some time ago. They have been working fine till recently. 
When I accessed today it says "invalid_client"
Can somebody please help me with this?

Thanks,
Sylvester

--
You received this message because you are subscribed to a topic in the Google Groups "Cerner FHIR Developers" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/cerner-fhir-developers/i7joBKX_eYs/unsubscribe.
To unsubscribe from this group and all its topics, send an email to cerner-fhir-devel...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/cerner-fhir-developers/64e21b23-3bf3-4881-9d79-cc1cc41843f4n%40googlegroups.com.

Aaron McGinn (Cerner)

unread,
Jan 22, 2021, 6:33:54 PM1/22/21
to Cerner FHIR Developers
Per our group guidelines, please provide an X-Request-Id/Cerner-Correlation-Id from the response headers to allow us to investigate.

-Aaron (Cerner)

Sylvester Sakilay

unread,
Jan 25, 2021, 8:57:42 AM1/25/21
to Cerner FHIR Developers
Hi Aaron,
Please find below correlation id:
a6117e67-26eb-4fdb-a6ca-dfd29a8f5be3 

This is for one of the apps I have created on portal. I have a few more on portal. They were all fine before. None of them is working now. Every App is throwing the " invalid_client  " error.  Just wondering if any thing has changed.

I would appreciate your help.

Thanks,
Sylvester

Sylvester Sakilay

unread,
Jan 25, 2021, 3:11:57 PM1/25/21
to cerner-fhir...@googlegroups.com
Hi,
Can you let me know if there is any update on this?

Thanks

Aaron McGinn (Cerner)

unread,
Jan 25, 2021, 6:24:03 PM1/25/21
to Cerner FHIR Developers
The "invalid-client-credentials" error you are receiving indicates that you are not using the correct account/secret from your CernerCentral [1] system account.


-Aaron (Cerner)

Sylvester Sakilay

unread,
Jan 26, 2021, 11:08:03 AM1/26/21
to Cerner FHIR Developers
Thanks Aaron. 
Just a curious question. 
Do credentials expire periodically? 
Because the credentials are not working for any of the apps I created where as they were all fine till recently

Aaron McGinn (Cerner)

unread,
Jan 26, 2021, 11:31:18 AM1/26/21
to Cerner FHIR Developers
I am not sure what happened, but no, system account credentials will not expire automatically. Though, you should be in the habit of rotating them on a regular basis.

Also, since it can never be said too often, the secret should be considered the password to the account and should be treated as such. This means it should not be shared in any form, especially publicly or through unencrypted communications, and Cerner will not ask for it.

-Aaron (Cerner)

Sylvester Sakilay

unread,
Jan 26, 2021, 12:04:43 PM1/26/21
to Cerner FHIR Developers
Thank you.

Sorry to drag this conversation further. 
Just want to defer creating a system account for some time.   
I registered a new App just now and it gave me a clientid and secret. These are brand new. I accessed using them. I still get the same error.
Can I not use the ones that I get via registration? Just wondering if something has changed with the sandbox since last few days/weeks.

Could you please let me know?

Aaron McGinn (Cerner)

unread,
Jan 26, 2021, 4:57:52 PM1/26/21
to Cerner FHIR Developers
Once you register a system account in CernerCentral, you then create a system app within the developer portal [1] with that account ID. The authorization [2] will then need to match the account ID/secret.

I am not sure I follow your questions, so let me know if that does not help. If you provide new X-Request-Ids, I can look at those as well.


-Aaron (Cerner)

Sylvester Sakilay

unread,
Jan 27, 2021, 11:26:17 AM1/27/21
to Cerner FHIR Developers
The following is my question:
I followed the below procedure to create Apps before:
2. It gave me clientid and secret
That is it. I could run my app without any problem using the clientid and secret and the procedure mentioned in [2]https://fhir.cerner.com/authorization/#requesting-authorization-on-behalf-of-a-system

I didn't need to log in to Cerner Central or anything.

Yesterday I followed the same procedure 
1. created a new app
2. got client id and secret.

When tried to run the app. It said "Invalid client". Though they are new credentials.

Not sure what's wrong. It seems like the clientid and secret we get during registration don't work.
Please find below correlation Id:
3b6b00f0-adf4-4edc-95b1-86e292af6281

I would appreciate your help.

Aaron McGinn (Cerner)

unread,
Jan 27, 2021, 11:34:00 AM1/27/21
to Cerner FHIR Developers
The secret will have to be obtained from CernerCentral. I'm not sure what you're referring to that you got it from the developer portal, but it will not be available there.

-Aaron (Cerner)

Sylvester Sakilay

unread,
Jan 27, 2021, 2:33:46 PM1/27/21
to Cerner FHIR Developers
Once the app is registered on developer portal, the developer portal gives 'Client Id' and 'App Id' on developer portal. 
The 'App Id' is what I used as secret so far and it worked. Not anymore.
Isn't 'App Id' the secret? Can you please let me know?

Aaron McGinn (Cerner)

unread,
Jan 27, 2021, 3:45:19 PM1/27/21
to Cerner FHIR Developers
The App Id is not the system account secret but is just another identifier for the application (one example of its use is in the configuration of provider app launches embedded within PowerChart).

The secret that you need to use can be found on your system account in CernerCentral [1]. It will be labeled as 'Secret' and the client ID will be your system account ID.

Sylvester Sakilay

unread,
Jan 27, 2021, 4:46:52 PM1/27/21
to Cerner FHIR Developers
Got it. Thank you very much Aaron!
Reply all
Reply to author
Forward
This conversation is locked
You cannot reply and perform actions on locked conversations.
0 new messages