Searching for another patient during launch

[Eric Trinh (Genesis)]

Hello,

As I already mentioned in the other post, I'm building an app that can pre-populate a vital record form (Birth/Fetal Death/Death) using SMART launch. While testing the birth scenario in the Developer Portal, I choose the child record then searching for the mother using the information in the RelatedPerson resource of the child. However, it always return 0 resources. The query string is Patient?family=SNOW&given=CHRISTINE&address-postalcode=66044&birthdate=eq1994-12-24&gender=female&phone=9133409832 and X-Request-Id is 2c25bec1d3d573cc49a456132a7ff492. 

Interestingly it returns correct result if i use the open sandbox. That leads me to suspect it has something to do with the scopes/permissions granted at launch. My app's scope is "launch openid profile fhirUser offline_access user/Patient.read user/Practitioner.read user/Condition.read user/user.read user/RelatedPerson.read user/Observation.read user/MedicationAdministration.read user/Procedure.read user/Encounter.read  patient/Condition.read patient/Patient.read patient/RelatedPerson.read patient/Observation.read patient/MedicationAdministration.read patient/Procedure.read patient/Encounter.read".

Could someone please explain to me on how to achieve it?

[Chase McCormick (Cerner)]

Hi Eric,

In the logs for your X-Request-Id, I see that your request was made with authorization for a specific patient-in-context. This would be why the subsequent search does not return any patients. If you make the request with authorization including the "user/Patient.read" scope and no patient-in-context, you should be able to see the expected results. Additional information on the authorization can be found on our FHIR documentation [1] as well as the SMART on FHIR tutorial [2].

[1] http://fhir.cerner.com/authorization/

[2] https://engineering.cerner.com/smart-on-fhir-tutorial/#request-authorization

Thanks,

Chase (Cerner)

[Eric Trinh (Genesis)]

Hi Chase,

Could you please let me know how to remove patient-in-context from the authorization? I thought it was set by Cerner.

[Mark Butler]

Try accessing the system via System account. You'll first want to authenticate through the UI to get a provider ID and get the mothers ID. Then have your app send out the add to a different application that's using a System account.

MArk B.

[Jenni Syed (Cerner)]

Eric,

There's a bug right now with the Patient resource that is preventing this from working correctly (it's enforcing the patient in context even though you're using a user scope). We have this logged to get fixed, and it's something you are likely only going to see from our code launch tool since applications that don't use patient scopes aren't typically launched from a patient chart/wouldn't have the patient in context in the real world.

In the meantime, try not including the "launch" scope in your request, and just include the openid and profile scopes (assuming you need information about the signed in user). 

Thanks,

Jenni

[Eric Trinh (Genesis)]

Hi Jenni,

If I exclude "launch" scope in my request, I'll get this error: Either the "launch" scope or the launch code was not supplied. Include "launch" scope and the query parameter of "launch" with the value you received in your request or remove both of these.

URL: https://authorization.sandboxcerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Asmart-v1%3Agrant%3Alaunch%3Acode-required/instances/adb2b0fb-0839-4676-87ad-c62122574630?persona=provider&client=0872d039-03b5-497e-90db-cabb031d53d5&tenant=0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca

[Eric Trinh (Genesis)]

Mark,

If I change my app type to System, I'm not able to do the SMART launch. Also could you explain more about this:have your app send out the add to a different application that's using a System account?

Thanks.

[Jenni Syed (Cerner)]

Hi Eric,

You will need to make sure both the launch scope *and* the launch code query parameter are excluded from the authorization request. Again, this is just an issue you would likely see in our code portal launch. When launching from the actual EHR, this wouldn't be an issue. We have logged issues to help get this resolved.

Regards,

Jenni