Stream: implementers
Topic: EHR Launch Insufficient Scope
booma radhakrishnan (Jun 03 2021 at 01:43):
I am trying to post data and it works and getting the posted data i am getting insufficent scope and 403 forbidden error.
Request URL: https://fhir.epic.com/interconnect-fhir-oauth/api/FHIR/R4/QuestionnaireResponse?patient=erXuFYUfucBZaryVksYEcMg3
Request Method: GET
Status Code: 403 Forbidden
WWW-Authenticate: Bearer error="insufficient_scope", error_description="The access token provided is valid, but is not authorized for this service"
'scope': 'Patient.Read, Patient.Search, DocumentReference.Read (Clinical Notes),Observation.Create, Observation.Read, Observation.Search, QuestionnaireResponse.Create(Appointment and Series),QuestionnaireResponse.Read (Immunization),QuestionnaireResponse.Read(Appointment and Series)',
Which scope is required to read questionnaireResponse which posted recently.
Lloyd McKenzie (Jun 03 2021 at 01:46):
It looks like these are fine-grained scopes. Presumably the questionnaire you posted is an "Appointment and Series"? This seems like something you'll need to take up with the owner of the server.
Last updated: Apr 12 2022 at 19:14 UTC
