I'm not getting a token back from my epic app.
I'm calling my app (PFI_app, non-prod. client id: [my_client_id]) from a browser script:
FHIR.oauth2.authorize({
'client_id':[my_client_id],
'scope':'openid, fhirUser,PATIENT.READ, PATIENT.SEARCH, OBSERVATION.READ, OBSERVATION.SEARCH',
'redirect_uri':[my_redirect_uri],
'state':'abc123',
'aud':'https://fhir.epic.com/interconnect-fhir-oauth/api/fhir/r4'
});
I get prompted to login at signin.epic.com and i use the credentials FHIR (username) and EpicFhir11!(password), which i got from this page: https://fhir.epic.com/Documentation?docId=testpatients.
at my redirect url page i use the following to get the access token:
FHIR.oauth2.ready()
.then(function(client){
myapp.smart = client
console.log(client);
})
BUT, i keep getting the following error message:
Failed to load resource: the server responded with a status of 400 (Bad Request) app.html:39 https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token
i get another message saying: URL: https://fhir.epic.com/interconnect-fhir-oauth/oauth2/token unauthorized_client
this leads me to believe that i logged in with an improper user who isn't authorized.
ultimately, i don't get a token. any idea why? is it because I'm using improper login credentials and therfore that user doesn't have access to get a token.
also, I'm using fhir-client.js not, fhir-client-v2.js, is that a problem?
UPDATE:
so I just waited and token issue resolved itself. perhaps there was a time period I had to wait after changing my epic fhir app information at fhir.epic.com. I changed the "Application Audience" from patients to "clinicians and administrative users." I had been logging in to epic when prompted as an admin for many hours before I wrote this post, but I can't think of anything that I changed to my code. I just waited.
now my last remaining problem is that when I try and search for patients from the sandbox with this code:
var obs = await fetch(myapp.smart["state"]["serverUrl"]+"/Patient?address=123%20Main%20St.&address-city=Madison&address-postalcode=53703&address-state=Wisconsin&family=Mychart&gender=Female&given=Allison&telecom=608-123-4567",{
headers:{
"Accept":"application/json+fhir",
"Authorization":"Bearer"+myapp.smart["state"]["tokenResponse"]["access_token"]
}
}).then(function(data){
return data;
});
var response = await obs.json();
console.log( response );
I get another "unauthorized message":
Failed to load resource: the server responded with a status of 401 (Unauthorized) https://fhir.epic.com/interconnect-fhir-oauth/api/FHIR/R4/Patient?address=123%20Main%20St.&address-city=Madison&address-postalcode=53703&address-state=Wisconsin&family=Mychart&gender=Female&given=Allison&telecom=608-123-4567
this is where I got the syntax for structuring this call to the Patient.search resource:
https://fhir.epic.com/Sandbox?api=932
any ideas why I'm unauthorized to make this call? again, I'm logged in using the provider-facing app user credentials listed here: https://fhir.epic.com/Documentation?docId=testpatients (username: FHIR)
UPDATE:
so I changed the FHIR.oauth2.ready call to include the request and it worked. I'm not sure why I couldn't include the provided token as a Bearer token in fetch but the following worked:
var req = "/Patient?address=123%20Main%20St.&address-city=Madison&address-postalcode=53703&address-state=Wisconsin&family=Mychart&gender=Female&given=Allison&telecom=608-123-4567"
FHIR.oauth2.ready( client => client.request(req) ).then(function(output){
console.log(output); /* should include search results for the patient */
});
thanks for any help
