Skip to Main Content
Forums

R4 APIs (Millennium)

Announcement

For information related to the Oracle Partner Network (OPN) Industry Healthcare Track please visit our OPN Industry Healthcare Program page.

For specific questions related to Oracle Partner Network (OPN), please contact Partner Assistance.

Millennium FHIR and non-FHIR API Specifications and Supporting Documents can be found HERE on docs.oracle.com
Soarian FHIR API Specifications and Supporting Documents can be found HERE on docs.oracle.com.

Organization, Location Resources Returns 403 Despite R4 Spec Saying Available

Joe Tonelli14 hours ago

Workflow or API calls:

We're trying to access organization and location resources are part of a patient-initiated connection flow. The patient authorizes, and we begin to fetch FHIR resources on their behalf. However, despite seemingly being available when connecting via patient (referencing here https://docs.oracle.com/en/industries/health/millennium-platform-apis/mfrap/op-organization-id-get.html), we see scope issues when querying for these related resources when they're found via a FHIR reference (off an encounter for example)

Our application requests (and successfully receives in the token response) the following scopes:

scopes:
- launch/patient
- offline_access
- openid
- fhirUser
- patient/Account.read
- patient/AllergyIntolerance.read
- patient/Appointment.read
- patient/Binary.read
- patient/CarePlan.read
- patient/CareTeam.read
- patient/Condition.read
- patient/Consent.read
- patient/Coverage.read
- patient/Device.read
- patient/DiagnosticReport.read
- patient/DocumentReference.read
- patient/Encounter.read
- patient/FamilyMemberHistory.read
- patient/Goal.read
- patient/Immunization.read
- patient/InsurancePlan.read
- patient/Media.read
- patient/MedicationAdministration.read
- patient/MedicationDispense.read
- patient/MedicationRequest.read
- patient/NutritionOrder.read
- patient/Observation.read
- patient/Patient.read
- patient/Person.read
- patient/Procedure.read
- patient/Provenance.read
- patient/Questionnaire.read
- patient/QuestionnaireResponse.read
- patient/RelatedPerson.read
- patient/Schedule.read
- patient/ServiceRequest.read
- patient/Slot.read
- patient/Specimen.read
- user/Account.read
- user/AllergyIntolerance.read
- user/Appointment.read
- user/Binary.read
- user/CarePlan.read
- user/CareTeam.read
- user/Condition.read
- user/Consent.read
- user/Coverage.read
- user/Device.read
- user/DiagnosticReport.read
- user/DocumentReference.read
- user/Encounter.read
- user/FamilyMemberHistory.read
- user/Goal.read
- user/Immunization.read
- user/InsurancePlan.read
- user/Media.read
- user/MedicationAdministration.read
- user/MedicationDispense.read
- user/MedicationRequest.read
- user/NutritionOrder.read
- user/Observation.read
- user/Patient.read
- user/Person.read
- user/Procedure.read
- user/Provenance.read
- user/Questionnaire.read
- user/QuestionnaireResponse.read
- user/RelatedPerson.read
- user/Schedule.read
- user/ServiceRequest.read
- user/Slot.read
- user/Specimen.read
- user/Organization.read
- user/Location.read

Would the patient (as the user) not have access to Organization/read or Location/read?

Background Information:

Failure to provide answers will impact our ability to respond in a timely and effective manner
Developer questions:

Are you an OPN Member? Yes
Have you signed up to be in the Healthcare Developer Track? Yes
Are you a registered Code Program member? Yes
Does your App have a presence on the Oracle Healthcare App Marketplace? No

Application ID: c3ccfbac-1b94-49d2-9210-ebf3a3d5aa6e

Client ID: ce9a6541-6e1b-4b99-8576-a7153774ebf1
Comments
Post Details
Added 14 hours ago
#r4/location, #r4/organization
1 comment
7 views
1 mention