CCD - Workflow using OAuth 2 not 3 Error 400

[jmendiola...@gmail.com]

If this is a question about an error or issue you are seeing, please fill out the following fields:

• Issue Summary: (When testing CCD Workflow using OAuth 2 not 3, I get an error 400)
• 
  
• X-Request-Id or CorrelationId: 
• 
  
• Rest Request:
• 
  
• URL: https://cernerhealth.com/oauth/access_token
• Request Method: POST
• Call Creation Time: 1ms
• 
  
• Headers:
• Content-Length: 113
• Host: cernerhealth.com
• Content-Type: application/x-www-form-urlencoded; charset=UTF-8
• 
  
• client_id=60731021-7fd0-4cd9-b3e2-9cbd4202d115&client_secret=<api?>&grant_type=none
• 
  
• Rest Response:
• 
  
• Status: HTTP/1.1 400 BAD REQUEST
• Response Time: 384ms
• 
  
• Headers:
• Server: nginx
• Date: Tue, 12 Feb 2019 23:14:54 GMT
• Content-Type: application/json; charset=utf-8
• Transfer-Encoding: chunked
• Connection: close
• Cerner-Correlation-ID: 6168c4c3ad96e9f1b63f78bc290fe489
• Content-Language: en-us
• Expires: Thu, 19 Jun 1980 11:00:00 GMT
• Vary: Accept-Language
• Pragma: no-cache
• Cache-Control: no-cache, no-store, must-revalidate
• X-Frame-Options: DENY
• P3P: CP="This is not a P3P policy, see our policy at /privacy"
• 
  
• {"error_description": "client_id not found", "error": "invalid_client"}

[Dennis Patterson (Cerner)]

Reminder not to post client secrets on this forum.  While you excluded it from the main post, it's included in your tokenRequest attachment.  Please use CernerCentral's System Account management to cycle your secret!

CernerHealth is our patient portal solution.  For our SMART on FHIR solution, please head over to check out our documentation at https://fhir.cerner.com/authorization/

[jmendiola...@gmail.com]

Hi Dennis, 

Client secret and documentation is irrelevant as the error 400 is throwing a message Client id cannot be found although the app is registered.

Best,

[Dennis Patterson (Cerner)]

I believe your client id was not found because you registered with the authorization server via the Code Developer Portal but were trying to use that client id at a separate endpoint for Patient Portal.  The authorization server (authorization.sandboxcerner.com) will understand that client id, while the Patient Portal (cernerhealth.com) will not.

[jmendiola...@gmail.com]

Thank you for the insight, it has been very complex navigating through all the documentation and tutorials

The end result that I am hoping to achieve is to post a CDA document for millennium end-user via FHIR 

On Monday, February 25, 2019 at 4:08:36 PM UTC-8, jmendiola...@gmail.com wrote:

[Dennis Patterson (Cerner)]

I can point you towards specific pieces of our documentation but need to ask a few questions...

Are you intending to be launched within an EHR or as a standalone app?

Your app is intended to be used by providers, correct? (My guess is 'yes' based on "millennium end-user".)

Is your app intended to be obtaining FHIR access tokens only when the user is actively interacting with it? (Or does it need to continue to obtain access tokens even without an active session? Guessing not, but asking anyway.)

I already pointed you towards https://fhir.cerner.com/authorization as the landing place for documentation, but a common thread to whatever flow you use is having your app call the /metadata endpoint on the FHIR server to discover the authorization endpoints.  

[Dennis Patterson (Cerner)]

My answer was focused on the authorization aspect of your workflow, but I realized you're trying to write a CCD.  While we support writing unstructured clinical notes, there is not support today for writing CCDs, per https://fhir.cerner.com/millennium/dstu2/infrastructure/document-reference/#create