I am trying to get the JavaScript example of OAuth to work on a confidential client with a secret. I copied the example from http://docs.smarthealthit.org/tutorials/authorization/ and replaced the clientId and secret with the strings provided in the SMART Sandbox. After being redirected to the login page, logging in, and authorizing the app, the AJAX query in index.html fails.
I get the following WWW-Authenticate header:
Form realm="oauth", error="invalid_client", error_description="Bad client credentials"
This only happens if I register my app as a confidential app and replace null with a string containing my app's secret. If I were to use a public app without a secret, the AJAX call would work just fine and I would get an authorization token and would be able to pull resources from the FHIR server.
Does anyone know why this problem is happening?