Hi, we're unable to get tokens for our Cerner Sandbox system application.. We're passing what should be the correct values to the correct URLs, based on my reading of https://fhir.cerner.com/authorization, the values shown in Code Console and Cerner Central for our application, and what's worked in production for other applications.
Application ID becdbac4-fdc9-4637-b411-83b95e38427c
Client ID 5e4ef83a-df24-422f-be0d-123226d9cbd2
Workflow or API calls:
(Showing the URL for the sandbox, but this is also failing for a client who has whitelisted our application, which is our primary concern.)
curl --location https://authorization.sandboxcerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: [Base64-encoded value that decodes to OUR_CLIENT_ID:OUR_SECRET]' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=system/Encounter.read'
Expected Result:
200 response with token
Actual Result:
< HTTP/2 401
…
< cerner-correlation-id: 4170b11a-bf97-4c86-b9be-7cf82cfdc7dc
< server: cloud_authorization_server1
<
* Connection #0 to host authorization.sandboxcerner.com left intact
{
"error":"invalid_client",
"error_uri":"https://authorization.sandboxcerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Ainvalid-client-credentials/instances/4170b11a-bf97-4c86-b9be-7cf82cfdc7dc?client=unknown&tenant=ec2458f2-1e24-41c8-b71b-0e701af7583d"
}