403 error when trying to create patient
122 views
Skip to first unread message
Greg Tidwell
Sep 23, 2022, 6:28:24 PM9/23/22
to DrChrono API Developers
Hello!
We have 2 active provider accounts which have authorized our private app to read and write patients, among other scopes. However, when trying to use the create patient api we receive "403 { detail: 'You do not have permission to perform this action.' }"
This is a POST to /patients.
I've deauthorized and reauthorized the apps to no avail. Something that could be affecting it, is that we deactivated a number of our providers. And it's possible that the account that created the app was associated with those accounts? When I login with them it says they are suspended.
This is affecting our production app and would love to clear up this issue. Thanks!
aaron....@drchrono.com
Sep 26, 2022, 2:32:01 PM9/26/22
to DrChrono API Developers
Hi Greg.
Suspended accounts are prohibited from accessing the DrChrono service, this is likely the reason you are not able to complete your API calls.
The easiest way to fix this is to configure a new app under a non-suspended provider within your combined accounts (referred to as a Practice Group or PG). Also, ensure the permission `Create and Update Patients` has been enabled for the user connected via the API.
I hope that helps. Try that out and let us know if you need additional assistance.
Aaron Bethea | Product Solutions Engineer
DrChrono, Inc.
Greg Tidwell
Sep 30, 2022, 1:45:53 PM9/30/22
to DrChrono API Developers
I recreated the app with a valid, active provider chrono account and am still getting the same error. Any other ideas?
aaron....@drchrono.com
Oct 11, 2022, 11:02:54 AM10/11/22
to DrChrono API Developers
Hi Greg.
I apologize for the delay in responding. Are you able to access other API endpoints with success? Could you provide a sample of the payload in which you're attempting to post to `api/patients` ?
Greg Tidwell
Oct 11, 2022, 11:08:03 AM10/11/22
to DrChrono API Developers
What is the best next step to solve this problem? We cannot use our production app.
Greg Tidwell
Oct 13, 2022, 9:47:02 AM10/13/22
to DrChrono API Developers
On the production app, I am unable to access any endpoints, seeing 401s invalid grant. However, our dev app works fine. Makes me think this has something to do with the suspended accounts. However, the solution of recreating the app and reauthorizing didn't solve the problem.
The payload for POST /api/patients is
{ first_name: 'John',
last_name: 'Doe',
cell_phone: '(415) 555-5555',
email: 'a valid email address',
gender: 'Male',
date_of_birth: '1983-02-13',
doctor: '264711' }
401 'Authorization failed.'
last_name: 'Doe',
cell_phone: '(415) 555-5555',
email: 'a valid email address',
gender: 'Male',
date_of_birth: '1983-02-13',
doctor: '264711' }
401 'Authorization failed.'
Thanks for your help!
Greg Tidwell
Oct 13, 2022, 9:47:06 AM10/13/22
to DrChrono API Developers
I am not able to access other endpoints either.
They give 401 invalid grant.
{ first_name: 'Greg',
last_name: 'Tidwell',
cell_phone: '(415) 555-5555',
email: 'an actual email address ',
gender: 'Male',
date_of_birth: '1983-02-13',
doctor: '264711' }
401 'Authorization failed.'
Thank you for your help!
aaron....@drchrono.com
Oct 13, 2022, 10:06:17 AM10/13/22
to DrChrono API Developers
Hi Greg. Thanks for your reply.
As you are unable to access any endpoints, does `api/o/authorize` return the one-time code required to submit to `api/o/token/`? Does `api/o/token/` return an active `access_token` parameter or do you receive errors during initial authorization?
Greg Tidwell
Oct 13, 2022, 3:13:54 PM10/13/22
to DrChrono API Developers
I am able to authorize the application.
Greg Tidwell
Oct 13, 2022, 3:13:56 PM10/13/22
to DrChrono API Developers
and receive an access token
On Thursday, October 13, 2022 at 9:06:17 AM UTC-5 aaron....@drchrono.com wrote:
Reply all
Reply to author
Forward
0 new messages