UPDATED NOTE:
We need access to our Code Console accounts.
ORIGINAL POST:
How can additional scopes be added for various clients to enable different APIs used with our integration for their practice? Do we need to submit an Oracle ticket or does the client need to do something on their end?
Workflow or API calls:
Auth with this scope, but get different scopes back from clients:
system/Account.read, system/AllergyIntolerance.read, system/AllergyIntolerance.write, system/Appointment.read, system/Appointment.write, system/Basic.write, system/Binary.read, system/CarePlan.read, system/CareTeam.read, system/ChargeItem.read, system/ChargeItem.write, system/Communication.read, system/Communication.write, system/Condition.read, system/Condition.write, system/Consent.read, system/Coverage.read, system/Coverage.write, system/Device.read, system/DiagnosticReport.read, system/DocumentReference.read, system/DocumentReference.write, system/Encounter.read, system/Encounter.write, system/FamilyMemberHistory.read, system/FamilyMemberHistory.write, system/FinancialTransaction.write, system/Goal.read, system/Immunization.read, system/Immunization.write, system/InsurancePlan.read, system/Location.read, system/Location.read, system/MedicationAdministration.read, system/MedicationRequest.read, system/MedicationRequest.write, system/NutritionOrder.read, system/Observation.read, system/Observation.write, system/Organization.read, system/Organization.write, system/Patient.read, system/Patient.write, system/Person.read, system/Practitioner.read, system/Practitioner.read, system/Practitioner.write, system/Procedure.read, system/Procedure.write, system/Provenance.read, system/Provenance.write, system/Questionnaire.read, system/QuestionnaireResponse.read, system/QuestionnaireResponse.write, system/RelatedPerson.read, system/RelatedPerson.write, system/Schedule.read, system/ServiceRequest.read, system/Slot.read, system/Slot.write
Application's Client ID and App ID, if relevant: 26b035a1-2d97-4e19-ab99-d8999c2d3ec9
Expected Result:
Expect system scopes to be returned.
Actual Result:
OAuth response:
"scope": "system/Appointment.read system/Appointment.write system/Patient.read system/Patient.write system/Slot.read",
Cerner-Correlation-Id: 2a21cefa-69ba-458e-ac12-26604febd527
Date/time of the example: Thu, 06 Feb 2025 19:24:37 GMT
And of course, calls to APIs that are not included in the scope, like Location, return this:
{
  "message": "code=\"urn:cerner:error:oauth2:resource-access:insufficient-scopes\", error=\"insufficient_scope\", subcode=\"no_scope_for_resource_path\"",
  "code": 403
}
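Added example, not part of the original post: a client-side check that compares the scopes requested with the `scope` value in the token response and reports, per resource, what was not granted, so the gap is visible before a call fails with `insufficient_scope`. The function names, the `token_type` field and the shortened requested list are assumptions made for illustration; the granted string is the one shown in the post.

```python
import json
import re
from collections import defaultdict

# SMART v1-style resource scope: context/Resource.action
RESOURCE_SCOPE = re.compile(r"^(system|user|patient)/(\w+|\*)\.(read|write|\*)$")

# Constructed sample: a short excerpt of the requested list in the post
# (duplicate kept on purpose) and the "scope" value the post shows coming back.
REQUESTED = ("system/Appointment.read, system/Appointment.write, "
             "system/Location.read, system/Location.read, system/Patient.read, "
             "system/Patient.write, system/Practitioner.read, "
             "system/Practitioner.write, system/Slot.read, system/Slot.write")
TOKEN_RESPONSE = json.dumps({
    "token_type": "Bearer",  # constructed field; only "scope" is from the post
    "scope": "system/Appointment.read system/Appointment.write "
             "system/Patient.read system/Patient.write system/Slot.read",
})

def parse_scopes(raw):
    """Split on commas and/or whitespace and de-duplicate."""
    return {tok for tok in re.split(r"[,\s]+", raw.strip()) if tok}

def scope_gap(requested_raw, token_response_json):
    """Return (granted set, {resource: [actions requested but not granted]})."""
    granted = parse_scopes(json.loads(token_response_json).get("scope", ""))
    missing = defaultdict(list)
    for scope in sorted(parse_scopes(requested_raw) - granted):
        m = RESOURCE_SCOPE.match(scope)
        if m:  # ignore non-resource scopes such as openid
            missing[m.group(2)].append(m.group(3))
    return granted, dict(missing)

def is_permitted(granted, resource, action, context="system"):
    """Exact-match check to run before calling a resource endpoint."""
    return f"{context}/{resource}.{action}" in granted

if __name__ == "__main__":
    granted, missing = scope_gap(REQUESTED, TOKEN_RESPONSE)
    for resource, actions in missing.items():
        print(f"not granted: {resource} ({', '.join(actions)})")
```

Logging the output of `scope_gap` per tenant at token time gives a record of which grants differ between clients.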