Workflow or API calls:
Reminder: If this is referring to a client domain or EHR activity—not the public sandbox—do not include API request data or live patient data.
Background Information:
Failure to provide answers will impact our ability to respond in a timely and effective manner
Developer questions:
I'm attempting to retrieve a Schedule from the sandbox environment, at the URL https://fhir-ehr-code.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Schedule/24477854-21304876-62852027-0
I am using an access token with the system/Schedule.rs scope. The token is not expired.
I am able to retrieve this Schedule using the open sandbox endpoint, at https://fhir-open.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/Schedule/24477854-21304876-62852027-0 - but when I use my auth token to hit the Secure Sandbox endpoint, I get a 403 Forbidden response.
Are you an OPN Member? Yes
Have you signed up to be in the Healthcare Developer Track? Not sure
Are you a registered Code Program member? Yes
Does your App have a presence on the Oracle Healthcare App Marketplace? No
Are you developing on behalf of an Oracle Health client? No
If so, which client:
Application's Client ID and App ID, if relevant:
Application ID
46c572a8-378b-4b18-8c3b-aff04757dda3
Client ID
9351201f-aba3-4674-9dd3-30e4fb8ab98d
Expected Result: JSON response with a schedule
Actual Result:
{
"resourceType": "OperationOutcome",
"issue": [
{
"severity": "error",
"code": "forbidden",
"details": {
"text": "Forbidden resource"
},
"expression": [
"http.Authorization"
]
}
]
}
X-Request-Id : /520F70B80E2942B7E66B03E1A748F59B+GKxK_5tf7
Date/time of the example:
Tue, 18 Nov 2025 20:42:45 GMT
Please advise on what I'm doing wrong here. Thank you.