SMART Authorization

Announcement

For information related to the Oracle Partner Network (OPN) Industry Healthcare Track please visit our OPN Industry Healthcare Program page.

For specific questions related to Oracle Partner Network (OPN), please contact Partner Assistance.

Millennium FHIR and non-FHIR API Specifications and Supporting Documents can be found HERE on docs.oracle.com.
Soarian FHIR API Specifications and Supporting Documents can be found HERE on docs.oracle.com.

Token Request Failing with invalid_client After Successful authorization of Provider SSO with client secret

Amarjeet bMay 8 2025 — edited May 8 2025

Hi Team,

We are integrating with the Cerner SMART on FHIR API for provider SSO. The user authorization step completes successfully, and we receive a valid authorization code. However, when attempting to exchange the code for an access token, we encounter the following error:

{ "error": "invalid_client", "error_uri": "https://authorization.cerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Ainvalid-client-credentials/instances/14c93355-be14-47c0-9f4a-132ef6124fe5?client=unknown&tenant=ec2458f2-1e24-41c8-b71b-0e701af7583d" }

We are using HTTP Basic Auth with the client credentials. Below is the curl request used:

curl -X POST 'https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token' \ -H 'Content-Type: application/x-www-form-urlencoded' \ -u 'ee0a5ef6-3155-4228-b254-7666cffc6f52:xxxxx' \ -d 'grant_type=authorization_code' \ -d 'code=AUTHORIZATION_CODE' \ -d 'redirect_uri=https://fhir-ehr-code.cerner.com/callback'

Note: We've masked the client secret here as xxxxx.

Could you please verify that this client is properly configured for provider SSO and that the token exchange is enabled and correctly provisioned?

This post has been answered by Samuel Denning-Oracle on May 9 2025

Jump to Answer

Added on May 8 2025

5 comments

425 views

2 mentions