Stream: CARIN IG for Blue Button®
Topic: 1/2021 Cthon - 1up server
Michele Mottini (Jan 15 2021 at 14:20):
@Alex Hackett : getting a {"message":"this is the authorization app homepage visit 1uphealth api develper guide to learn more"} after authentication on 1up server as 1up / iscool
Alex Hackett (Jan 15 2021 at 14:32):
@Michele Mottini What url are you using? It's likely that you are hitting the root url and not using the right parameters. Check out the docs here for more information: https://1up.health/docs/start/smart-on-fhir
Michele Mottini (Jan 15 2021 at 14:40):
Ah yes, I was using the authorization URL from the last connectathon
But using the new one (https://authv2.1uphealthdev.com/connect/testplan) I get {"success":false,"errorMessage":"could not find client_id for this access_token or access_token may be expired (3)"} - do I need to re-register our app?
Michele Mottini (Jan 15 2021 at 14:43):
Also, the auth and token url returned in the capability statement (https://auth.1up.health/auth/app/authorize https://auth.1up.health/oauth2/token) are different from those listed in the documentation
Michele Mottini (Jan 15 2021 at 14:50):
OK, I registered our app again and now I can log in
Michele Mottini (Jan 15 2021 at 14:53):
But I cannot get data: GET https://api.1up.health/fhir/r4/Patient/1d5e078b47ba fails with a 401
{
"error": "invalid_token",
"error_description": "Invalid token: access token is invalid"
}
Michele Mottini (Jan 15 2021 at 14:54):
Both passing the original token and also trying to do a token refresh and using that new token
Alex Hackett (Jan 15 2021 at 15:00):
Can you send the curl request you are using?
Michele Mottini (Jan 15 2021 at 15:02):
I am not using curl, it is the request coming from our app
Alex Hackett (Jan 15 2021 at 15:04):
Ok, and where did you get that patient_id?
Michele Mottini (Jan 15 2021 at 15:06):
From the token response
Michele Mottini (Jan 15 2021 at 15:06):
Using launch/patient
Michele Mottini (Jan 15 2021 at 15:08):
From our log:
When : 1/15/2021 9:51:37 AM -05:00
Request : POST https://authv2.1uphealthdev.com/oauth2/token
Request headers
Request : grant_type=authorization_code&redirect_uri=https%3A%2F%2Fmyfhr.careevolution.com%2Fcfhrprovideraccounts%2Fredirecttarget&code=6d0dc0a66481f0aa66124b5a4940b149cc1605bc&client_id=77647a264bfa13c1cf06ebe1e15aac46&client_secret=457a777b662f23256cb8b4cd3dcdae5b
Response status code : 200
Response headers
Response :
{
"access_token": "41d37dbbccf9be293946858d90e858d10cb3dcc8",
"token_type": "Bearer",
"expires_in": 7199,
"refresh_token": "b26485a6b10e813feaf985cdfb463a7b424fb6fc",
"scope": "patient/*.read launch/patient offline_access",
"patient": "1d5e078b47ba"
}
Alex Hackett (Jan 15 2021 at 15:18):
Are you able to try without using the scope patient/*.read?
Michele Mottini (Jan 15 2021 at 15:23):
Yes
Kyle Brew (Jan 15 2021 at 15:37):
@Michele Mottini - we're currently supporting user/*.read, not patient/*.read
Michele Mottini (Jan 15 2021 at 15:39):
Same error with user/*.read
Michele Mottini (Jan 15 2021 at 15:40):
When : 1/15/2021 10:38:35 AM -05:00
Request : POST https://authv2.1uphealthdev.com/oauth2/token
Request : grant_type=refresh_token&refresh_token=ec888b362233a88466fe8a34a5bc352d3ec40130&client_id=77647a264bfa13c1cf06ebe1e15aac46&client_secret=457a777b662f23256cb8b4cd3dcdae5b
Response status code : 200
Response :
{
"access_token": "bfc124a9e262fff0938935c5f25297168a7ceeee",
"token_type": "Bearer",
"expires_in": 7199,
"refresh_token": "a4cf422bbf830b09f0bdfabe7adb0a75471a8407",
"scope": "user/*.read launch/patient",
"patient": "1d5e078b47ba"
}
Michele Mottini (Jan 15 2021 at 15:41):
When : 1/15/2021 10:38:35 AM -05:00
Resource : Patient
Request : GET https://api.1up.health/fhir/r4/Patient/1d5e078b47ba
Response status code : 401
Response :
{
"error": "invalid_token",
"error_description": "Invalid token: access token is invalid"
}
Alex Hackett (Jan 15 2021 at 16:02):
Try using launch/patient and openid also
Alex Hackett (Jan 15 2021 at 16:02):
Those are the other scopes that are currently supported
Michele Mottini (Jan 15 2021 at 16:05):
patient/*.read is what the specs say should work - please fix your server
Michele Mottini (Jan 15 2021 at 16:05):
I'll re-test when it is fixed
Kyle Brew (Jan 15 2021 at 16:06):
yes it does - the resource url is https://api.1uphealthdev.com/r4/Patient/1d5e078b47ba not https://api.1up.health
Kyle Brew (Jan 15 2021 at 16:06):
you can see our resource url here - https://api.1uphealthdev.com/r4/metadata
Kyle Brew (Jan 15 2021 at 16:08):
But will work on patient/*.read for future connectathons
Michele Mottini (Jan 15 2021 at 16:10):
Ah yes - I can get the patient on that endpoint!
But nothing else:
When : 1/15/2021 11:08:28 AM -05:00
Resource : Encounter
Request : GET https://api.1uphealthdev.com/r4/Encounter?patient=1d5e078b47ba
Response status code : 403
Response headers
Response :
{
"resourceType": "OperationOutcome",
"id": "3sggrbi76wb",
"issue": [
{
"severity": "error",
"code": "value",
"details": {
"text": "scope provided does not have access to perform this operation"
}
}
]
}
Michele Mottini (Jan 15 2021 at 16:10):
Using patient/*.read
Michele Mottini (Jan 15 2021 at 16:12):
Same with user/*.read
Kyle Brew (Jan 15 2021 at 17:48):
Looking into this. Would it be possible for you to DM me your access token value for when you try with user/*.read or email (kyle@1up.health)?
Michele Mottini (Jan 15 2021 at 18:00):
No, my error, I was still using patient/*.read - now actually switched to user/*.read and it works!
Michele Mottini (Jan 15 2021 at 18:02):
The only errors are 404 on Organization (referenced by ExplanationOfBenefit):
When : 1/15/2021 12:59:03 PM -05:00
Resource : Organization
Request : GET https://api.1uphealthdev.com/r4/Organization/3e3ede0c779b
Response status code : 404
Response headers
Response :
{
"resourceType": "OperationOutcome",
"id": "9ap0vfqxgnd",
"issue": [
{
"severity": "error",
"code": "not found",
"details": {
"text": "Resource not found"
}
}
]
}
Kyle Brew (Jan 15 2021 at 19:11):
Good catch @Michele Mottini ! We loaded an Org resource for that ID to the environment
Last updated: Apr 12 2022 at 19:14 UTC