Skip to Main Content

SMART Authorization

Announcement

For information related to the Oracle Partner Network (OPN) Industry Healthcare Track please visit our OPN Industry Healthcare Program page.

For specific questions related to Oracle Partner Network (OPN), please contact Partner Assistance.

Invalid client from token endpoint for a Provider app

Victor CastilloFeb 1 2024 — edited Feb 1 2024

Workflow or API calls:

Hi,

I'm trying to get a token from Postman for a Provider app we are currently testing against the public sandbox. I followed the instructions here https://fhir.cerner.com/authorization/#requesting-authorization-on-behalf-of-a-user and the response from Cerner is as follows:

{ 
   "error": "invalid_client", 
   "error_uri": "https://authorization.cerner.com/errors/urn%3Acerner%3Aerror%3Aauthorization-server%3Aoauth2%3Atoken%3Ainvalid-authorization-header/instances/db598899-ff7e-4e29-a4e1-b897484d430c?tenant=ec2458f2-1e24-41c8-b71b-0e701af7583d" 
}

A “code” and a “state” parameter are present in the authorization endpoint response and the “state” parameter matches. This is my Postman token endpoint request:

curl --location 'https://authorization.cerner.com/tenants/ec2458f2-1e24-41c8-b71b-0e701af7583d/protocols/oauth2/profiles/smart-v1/token' \ 
--header 'Content-Type: application/x-www-form-urlencoded' \ 
--header 'Accept: application/json' \ 
--header 'Content-Length: 161' \ 
--data-urlencode 'grant_type=authorization_code' \ 
--data-urlencode 'code=<code returned bu the authorization request>' \ 
--data-urlencode 'redirect_uri=<same URL sent in the authorization request>' \ 
--data-urlencode 'client_id=<our app client ID>'

Expected Result:

HTTP/1.1 200 OK

Actual Result:

Cerner-Correlation-Id: db598899-ff7e-4e29-a4e1-b897484d430c

Comments
Post Details
Added on Feb 1 2024
1 comment
64 views