FHIR Chat · C25 -- Testing with Cerner · smart

Stream: smart

Topic: C25 -- Testing with Cerner

Josh Mandel (Sep 10 2020 at 15:49):

Thanks @Max Philips! Can you register a client for the connectathon with redirect URLs of http://localhost:8000/index.html and https://smart.argo.run/granular/?

Max Philips (Sep 10 2020 at 16:15):

yep will get this added

Max Philips (Sep 10 2020 at 16:25):

@Josh Mandel I registered client id 1e922584-6173-40da-bc5c-95aace5c44bd with that info. it may take 15 min from the time of this post to propagate out

Josh Mandel (Sep 10 2020 at 16:33):

Thanks! And that's a public client?

Max Philips (Sep 10 2020 at 16:38):

yep. you can use portal / portal to log in to Cerner's IdP

Josh Mandel (Sep 10 2020 at 16:50):

Ah, you anticipated the question I just came here to ask ;-)

Josh Mandel (Sep 10 2020 at 16:54):

Login works; my first attempt to authorize I get redirected back to the app with:

http://localhost:8000/index.html?state=do5tOh1zqJaAm94K&error=access_denied&error_uri=https%3A%2F%2Fauthorization.sandboxcerner.com%2Ferrors%2Furn%253Acerner%253Aerror%253Aauthorization-server%253Aoauth2%253Agrant%253Amissing-patient%2Finstances%2F934041a2-79d6-4347-9738-157c52fd7ba2%3Fpersona%3Dprovider%26client%3D1e922584-6173-40da-bc5c-95aace5c44bd%26tenant%3D0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca

"OAuth2 grant missing-patient"? @Max Philips do you know what might cause this? My authz request looks like:

response_type=code&client_id=1e922584-6173-40da-bc5c-95aace5c44bd&scope=launch%2Fpatient%20patient%2FObservation.rs&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Findex.html&aud=https%3A%2F%2Ffhir-ehr.stagingcerner.com%2Fbeta%2F0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca&state=92j0J2xWDdlUPWt5

Or, a bit easier on the eyes:

response_type: code
client_id: 1e922584-6173-40da-bc5c-95aace5c44bd
scope: launch/patient patient/Observation.rs
redirect_uri: http://localhost:8000/index.html
aud: https://fhir-ehr.stagingcerner.com/beta/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca
state: 92j0J2xWDdlUPWt5

Max Philips (Sep 10 2020 at 16:57):

oopsie, taking a look

Max Philips (Sep 10 2020 at 17:09):

"patient/" scopes were selected, but no patient IDs were provided. Ensure that the SMART launch is being sent and that it contains a patient ID.

Max Philips (Sep 10 2020 at 17:10):

that's the error from the auth server ^

Max Philips (Sep 10 2020 at 17:11):

1316024 is a patient id that can be used in Cerner

Max Philips (Sep 10 2020 at 17:28):

looks like I can duplicate this behavior using smart.argo.run

Max Philips (Sep 10 2020 at 17:45):

I seem to be expecting some context that is not necessarily present :)

Max Philips (Sep 10 2020 at 18:34):

So, let me work for a while on getting this switched over to actually support standalone launch!

Josh Mandel (Sep 10 2020 at 18:45):

Thanks @Max Philips !

Max Philips (Sep 10 2020 at 20:21):

unfortunately there are some configuration changes I need to make that involve engaging another team - looking like tomorrow morning will be when testing can resume

Josh Mandel (Sep 10 2020 at 20:21):

OK, thanks for the update! Will look forward to testing tomorrow.

Max Philips (Sep 10 2020 at 22:37):

I've updated Cerner's server URL in the registration spreadsheet and updated the linked notes with new URLs / credentials. The switch to actually make those updated URLs work is scheduled for tonight, so everything should be ready to go for tomorrow. Anyone else wanting to test a client, please let me know and I will register you!

Keith Carlson (Sep 11 2020 at 13:25):

@Max Philips are the URLs still updating? I currently cannot even get the capability statement.

Going to: https://fhir-ehr.stagingcerner.com/beta/ec2458f2-1e24-41c8-b71b-0e701af7583d/base/metadata gives me: {"resourceType":"OperationOutcome","issue":[{"severity":"error","code":"not-found","details":{"text":"Not Found"}}]}

Max Philips (Sep 11 2020 at 13:38):

@Keith Carlson they are :)

Max Philips (Sep 11 2020 at 14:42):

building another change for Cerner's server here and I will have to update the URLs again, but after that it should be good to go finally!

Max Philips (Sep 11 2020 at 15:36):

ok let's give this another shot. Right now I am re-registering @Josh Mandel 's client

Max Philips (Sep 11 2020 at 15:40):

actually nevermind the existing registration should still work!

Max Philips (Sep 11 2020 at 15:40):

Cerner's base URL has updated once more to https://fhir-myrecord.stagingcerner.com/beta/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/

Max Philips (Sep 11 2020 at 15:46):

@Gino Canessa could you add patient/Observation.read to the Scenarios tab of the test client? unfortunately I have a limitation of needing old and new scopes to test this track

Max Philips (Sep 11 2020 at 15:47):

otherwise things are looking good. copying patient access credentials out of my notes doc: arthur_morgan / Cerner01 | patient id 8326009

Gino Canessa (Sep 11 2020 at 15:50):

Pushing now, should be available in ~5 mins

Max Philips (Sep 11 2020 at 15:52):

thank you!

Max Philips (Sep 11 2020 at 15:55):

oh I guess also I should put some vitals onto the test patient... right now they don't have any

Josh Mandel (Sep 11 2020 at 15:57):

When I try authorizing the client in the test app via the SMART V1 tab (scopes: "launch/patient patient/Patient.read patient/Observation.read", the return scopes don't include "patient/Patient.read" and indeed I can't read Patient 8326009. Is this expected @Max Philips?

Josh Mandel (Sep 11 2020 at 15:58):

I also get an empty bundle of Observations (but a 200 OK response status) when I query for

https://fhir-myrecord.stagingcerner.com/beta/0b8a0111-e8e6-4c26-a91c-5069cbc6b1ca/Observation?patient=Patient%2F8326009

Josh Mandel (Sep 11 2020 at 15:58):

Is this test patient observationless?

Chuck Feltner (Sep 11 2020 at 16:01):

@Max Philips Can you register a client for me with redirect URL of https://smart.argo.run/granular/?

Max Philips (Sep 11 2020 at 16:02):

yep @Josh Mandel the patient read is expected not to work right now. I will update your client to be able to grab that scope. Correct the patient is also observation-less at the moment, working on it!

Max Philips (Sep 11 2020 at 16:02):

@Chuck Feltner adding now

Max Philips (Sep 11 2020 at 16:07):

@Josh Mandel your client (and all future clients) should be able to read Patients within 5-15 min
@Chuck Feltner I registered client id 8d054ff1-ab0c-4ac1-9aa4-a4db4abbd589 for you, also available in 5-15 min

Chuck Feltner (Sep 11 2020 at 16:09):

Great thanks @Max Philips

Chuck Feltner (Sep 11 2020 at 16:23):

Was able to login and was granted patient/Observation.rs scope. But when I search for Observation?category=vital-signs I get back a 403 Forbidden error.

Max Philips (Sep 11 2020 at 16:25):

hm, that doesn't sound good. let me check some logs. one thing - did you request only patient/Observation.rs ? unfortunately Cerner requires both types of scopes to be set (i.e. request patient/Observation.read as well)

Chuck Feltner (Sep 11 2020 at 16:30):

Yes, I only requested patient/Observation.rs. Once I included the patient/Observation.read as well I no longer get the forbidden error but I just get back an empty bundle for Observation?category=vital-signs.

Max Philips (Sep 11 2020 at 16:33):

I'm using an old test domain for the connecathon this time around and (of course) having troubles adding Observations to the test patient there - should be able to get some results charted soon!

Max Philips (Sep 11 2020 at 17:23):

ok - I have a new test patient that has vitals: 1316024 tim_peters / Cerner01

Max Philips (Sep 11 2020 at 19:00):

stepping away to grab food

Max Philips (Sep 11 2020 at 19:44):

back

Last updated: Apr 12 2022 at 19:14 UTC