Workflow
We are getting a 403 ‘forbidden’ error when trying to create a DocumentReference in the secure sandbox. We are able to successfully retrieve an access token and have inspected to the token to ensure it matches the app client Id and scopes.
We have confirmed the client id (445c501f-971f-4907-847e-00db4883b3b1) we are using is the correct system app and the associated application is registered with the necessary scopes (system/DocumentRefererence.write)
Provided below is the x-request-id of a failed attempt due to this error.
API call:
POST https://fhir-ehr-code.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/DocumentReference
Actual Result:
status: 403,
statusText: 'Forbidden',
headers: AxiosHeaders { 'content-type': 'application/fhir+json; charset=utf-8',
…
'server-response-time': '269.026485',
'opc-request-id': '/FE54785E7C4E72421CD8BAC688D3E6BA/3589D4E6BDEC89A3D534AC126DBB713D',
'x-request-id': '/FE54785E7C4E72421CD8BAC688D3E6BA+GmuP_FtsC',
@andrew-fagan-oracle you recently helped another developer with a similar issue. We have confirmed the client id / app we are making the request with has the necessary scope, but would appreciate direction on what we might be missing.