Skip to Main Content

SMART Authorization


For information related to the Oracle Partner Network (OPN) Industry Healthcare Track please visit our OPN Industry Healthcare Program page.

For specific questions related to Oracle Partner Network (OPN), please contact Partner Assistance.

client type not smart backend service

Andrew PhommathepDec 29 2023 — edited Jan 4 2024

Workflow or API calls:

I have created Provider/Patient Private and Confidential applications. I have been unable to successfully authorize over REST API, reverse engineering the HTTP requests from SMART app on GitHub. When I retry the HTTP requests in Postman, they fail to go through. I haven't seen a straightforward doc that demonstrates how to integrate with Cerner Secure Sandbox API.

curl --location '' \
--header 'Accept: application/json' \
--header 'Accept-Language: en-US,en;q=0.9' \
--header 'Authorization: Bearer token' \
--header 'Connection: keep-alive' \
--header 'Content-Type: application/json' \
--header 'Origin:' \
--header 'Referer:' \
--header 'Sec-Fetch-Dest: empty' \
--header 'Sec-Fetch-Mode: cors' \
--header 'Sec-Fetch-Site: cross-site' \
--header 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/ Safari/537.36 Edg/' \
--header 'sec-ch-ua: "Not_A Brand";v="8", "Chromium";v="120", "Microsoft Edge";v="120"' \
--header 'sec-ch-ua-mobile: ?0' \
--header 'sec-ch-ua-platform: "Windows"'


Expected Result: 200 OK with Patient ID response

Actual Result:

**Cerner-Correlation-ID**: a29c4de9-7da0-4f4c-ac6d-3534c9516774



"error": "invalid\_client",

"error\_uri": ""



This post has been answered by Andrew Phommathep on Jan 4 2024
Jump to Answer
Post Details
Added on Dec 29 2023
1 comment