Skip to Main Content
Forums

R4 APIs (Millennium)

Announcement

For information related to the Oracle Partner Network (OPN) Industry Healthcare Track please visit our OPN Industry Healthcare Program page.

For specific questions related to Oracle Partner Network (OPN), please contact Partner Assistance.

Millennium FHIR and non-FHIR API Specifications and Supporting Documents can be found HERE on docs.oracle.com
Soarian FHIR API Specifications and Supporting Documents can be found HERE on docs.oracle.com.

HTTP/1.1 403 Forbidden when creating DocumentReference

Shiju DavisApr 17 2025 — edited Apr 18 2025

Workflow or API calls:

Reminder: If this is referring to a client domain or EHR activity—not the public sandbox—do not include API request data or live patient data.

Trying to upload a report for the patient selected in the sandbox. The base64 encoded pdf file.

The url: https://fhir-ehr-code.cerner.com/r4/ec2458f2-1e24-41c8-b71b-0e701af7583d/DocumentReference

The response body:

Error: HTTP/1.1 403 Forbidden

{"resourceType":"OperationOutcome","issue":[{"severity":"error","code":"forbidden","details":{"text":"Forbidden resource"},"expression":["http.Authorization"]}]}

Respnse headers:

Content-Type: application/fhir+json; charset=utf-8
Connection: close
Date: Fri, 18 Apr 2025 11:54:05 GMT
Cache-Control: no-cache
Vary: Accept,Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Runtime: 0.435487
Strict-Transport-Security: max-age=631152000
X-Request-Id: /D487C446FCE549FC73DF606F85800636+XIjW_GQwV
Referrer-Policy: strict-origin-when-cross-origin
Server-Response-Time: 435.509929
X-Download-Options: noopen
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
opc-request-id: /D487C446FCE549FC73DF606F85800636/3959556F81C1F2F64A0B5DC167DB1833
X-Cache: Error from cloudfront
Via: 1.1 e80aeefdda01afc3c41fc332ff42e7ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P5
X-Amz-Cf-Id: 6b_dWC4IFjm4XA0nFeqEQ0Nm6R2p1FZrFWOXRYrEXzw4xWlpWxX9Tg==

I can see the User/DocumentReference.read and user/DocumentReference.write in the scopes returned with token.

Background Information:

Failure to provide answers will impact our ability to respond in a timely and effective manner
Developer questions:

Are you an OPN Member? Yes
Have you signed up to be in the Healthcare Developer Track? Yes
Are you a registered Code Program member? Yes
Does your App have a presence on the Oracle Healthcare App Marketplace? No

Are you developing on behalf of an Oracle Health client?
If so, which client:

Application's Client ID and App ID, if relevant:

Application ID

18b69734-c908-4631-91af-82e9e0fe5ca4

Client ID

2a74b1bb-a721-471a-9842-7988c1b8d5b9

Expected Result: HTTP response code = 201

Actual Result: HTTP/1.1 403 Forbidden {"resourceType":"OperationOutcome","issue":[{"severity":"error","code":"forbidden","details":{"text":"Forbidden resource"},"expression":["http.Authorization"]}]}

X-Request-Id / Cerner-Correlation-Id / opc-request-id:

X-Request-Id: /D487C446FCE549FC73DF606F85800636+XIjW_GQw
opc-request-id: /D487C446FCE549FC73DF606F85800636/3959556F81C1F2F64A0B5DC167DB183
Date/time of the example:

Date: Fri, 18 Apr 2025 11:54:05 GMTT
Comments
Post Details
Added on Apr 17 2025
5 comments
232 views