Issue about Clinical Server Authorization


Bowen Gong

Dec 5, 2015, 12:36:49 AM
to SMART on FHIR, duanr...@gmail.com
I have a problem in the clinical server authorization step. While trying to get the access token with the client id and the code I got from the last step, I keep getting an error message: {"error":"invalid_client","error_description":"Bad client credentials"}.

Here is the code:
// Fragment from a route handler: code, redirect_uri, client_id, token_uri,
// req and res come from the surrounding handler.
var request = require('request');

var datas = {
    code: code,
    grant_type: 'authorization_code',
    redirect_uri: redirect_uri,
    client_id: client_id
};
var opt = {
    method: 'POST',
    url: token_uri,
    headers: {
        // Content-Length is left to request, which computes it from `form`;
        // datas.length is undefined for a plain object.
        "Content-Type": 'application/x-www-form-urlencoded'
    },
    form: datas
};
request(opt, function (error, response, body) {
    if (!error && response.statusCode < 500) {
        console.log(body);
        req.session.clinical_access_token = JSON.parse(body).access_token;
    } else {
        console.log(error);
        res.redirect('/fhir-app/launch.html?iss=' + encodeURIComponent(req.session.iss) + '&launch=' + req.session.launch);
    }
});

Josh Mandel

Dec 5, 2015, 7:27:42 AM
to Bowen Gong, SMART on FHIR, duanr...@gmail.com
Have you registered your app as a public client, or a confidential client? The error message suggests you've registered a confidential client, in which case your token request needs an HTTP Basic Authorization header containing your client id and secret.
--
You received this message because you are subscribed to the Google Groups "SMART on FHIR" group.
To unsubscribe from this group and stop receiving emails from it, send an email to smart-on-fhi...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
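
An added example, not part of the original thread or of the SMART project's code: the token request built both ways, with HTTP Basic credentials for a confidential client and with only client_id in the form body for a public one, plus a response check that rejects error bodies such as invalid_client. The function names, URLs and credential values are constructed placeholders; leaving client_id out of the body when the client authenticates follows RFC 6749 section 4.1.3.

```javascript
// Added example: all names and sample values are constructed placeholders.

// RFC 6749 section 2.3.1: form-urlencode id and secret before joining with ":".
function formEncode(value) {
  return new URLSearchParams([['', value]]).toString().slice(1);
}

// Build the authorization_code token request for either client type.
// Pass clientSecret only for a confidential client.
function buildTokenRequest({ tokenUri, code, redirectUri, clientId, clientSecret }) {
  const form = new URLSearchParams({
    grant_type: 'authorization_code',
    code: code,
    redirect_uri: redirectUri,
  });
  const headers = { 'Content-Type': 'application/x-www-form-urlencoded' };
  if (clientSecret !== undefined) {
    // Confidential client: authenticate with HTTP Basic; the secret never
    // goes into the form body or a URL.
    const pair = formEncode(clientId) + ':' + formEncode(clientSecret);
    headers.Authorization = 'Basic ' + Buffer.from(pair, 'utf8').toString('base64');
  } else {
    // Public client: there is no secret, so client_id in the body identifies it.
    form.set('client_id', clientId);
  }
  return { method: 'POST', url: tokenUri, headers: headers, body: form.toString() };
}

// Accept only a 200 response that actually carries an access token, so an
// OAuth error body is never stored as if it were a token response.
function parseTokenResponse(statusCode, body) {
  let json;
  try { json = JSON.parse(body); } catch (e) { json = null; }
  if (json === null || typeof json !== 'object') {
    throw new Error('token endpoint returned a non-JSON body');
  }
  if (statusCode !== 200 || json.error || typeof json.access_token !== 'string') {
    const detail = (json.error || statusCode) + ' ' + (json.error_description || '');
    throw new Error('token request failed: ' + detail.trim());
  }
  return json;
}
```
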

Bowen Gong

Dec 5, 2015, 9:24:32 AM
to SMART on FHIR, gbwl...@gmail.com, duanr...@gmail.com
Yeah, I just changed my client type to public client. And now I get the error message: {"error":"unauthorized","error_description":"Full authentication is required to access this resource"}.
Also, I cannot find a detailed description of public clients and confidential clients, like the difference in authorization. Could you please provide some documents about that?

Josh Mandel

Dec 5, 2015, 9:57:25 AM
to Bowen Gong, SMART on FHIR, duanr...@gmail.com
Our authorization specification at http://docs.smarthealthit.org/authorization/ describes these two client types. In general if you're building an app with a server side component, this should be registered as a confidential client.

When you say "I changed my client type", what specific steps did you take to do this?

It might be easiest for you to register a new client with our self registration form (http://docs.smarthealthit.org/sandbox/register/) or through our gallery (https://gallery.smarthealthit.org).

Best,

Josh