Workflow or API calls:
https://authorization.cerner.com/tenants/5b22adf1-4884-4ac2-b6f3-04fa545ac9fcm/protocols/oauth2/profiles/smart-v1/token
Background Information:
Are you an OPN Member? Yes
Have you signed up to be in the Healthcare Developer Track? Yes
Are you a registered Code Program member? Yes
Does your App have a presence on the Oracle Healthcare App Marketplace? Yes
Are you developing on behalf of an Oracle Health client?
If so, which client: Dignity Health Yavapai Regional Medical Center
Application's Client ID and App ID, if relevant:
We can auth to our PROD app.
However, the client also provided their tenant ID and requested to Cerner to connect to our NonProd app
Application ID 2ba71521-f3f7-4776-babd-e0bf99775566
Client ID ec9e9fdd-d770-4108-8589-62fa060429fb
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=system/Account.read, system/Appointment.read, system/Appointment.write, system/Binary.read, system/Condition.read, system/Coverage.read, system/Coverage.write, system/DocumentReference.read, system/DocumentReference.write, system/Encounter.read, system/Encounter.write, system/InsurancePlan.read, system/Location.read, system/Organization.read, system/Patient.read, system/Patient.write, system/Practitioner.read, system/Procedure.read, system/Questionnaire.read, system/QuestionnaireResponse.read, system/ServiceRequest.read, system/Slot.read'
Expected Result:
This is our first client trying to connect to our NonProd app. We expected a 200 with an auth bearer token passed back in the response.
Actual Result:
Cerner-Correlation-Id 65b0a9f4-782f-49a4-947f-e0a875ce5f67
Date/time of the example: Fri, 17 Oct 2025 19:13:14 GMT
{
"error": "invalid_grant",
"error_uri": "https://authorization.cerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Ainvalid-tenant/instances/65b0a9f4-782f-49a4-947f-e0a875ce5f67?client=ec9e9fdd-d770-4108-8589-62fa060429fb&tenant=5b22adf1-4884-4ac2-b6f3-04fa545ac9fcm"
}