I am querying a FHIR API server using Postman with OAuth2 token but I am getting the 401 Unauthorized request error. Could someone help me troubleshoot as I am not sure what I am doing wrong here?
I can send the token if needed to reproduce the error.
Check a few settings to ensure they are configured properly.
Select the FHIR service through the Azure portal, check if you've granted "FHIR Data Reader|Writer|Contributor|Exporter" permission to the service principal (or client application). Additionally, you may grant your login account with the same permission. This step is not required normally but if your account is a guest account in the subscription where the FHIR service is created, you may need to do so.
Navigate to Azure Active Directory where you have registered the client application, check if you've set up the correct Redirect URIs, "https://www.getpostman.com/oauth2/callback", and the secret is not expired. You can create a new secret if necessary.
In Postman, verify that you have the following settings as stated in the documentation.
Grant Type: Authorization Code
Callback URL: https://www.getpostman.com/oauth2/callback
Auth URL: https://login.microsoftonline.com/{yourtenantguid}/oauth2/?resource={yourAzureAPIforFHIRURL}
Access Token URL: https://login.microsoftonline.com/{yourtenantguid}/oauth2/token
Client ID: your client application guid
Client Secret: copy & paste the secret from the Azure portal
Scope: optional
State: optional
Client Authentication: Send as Basic Auth header
You can view and validate your access token at https://jwt.ms
