Background:
I have read the Connect to applications using SMART on FHIR documenation many times. The way I understand it and the way I have developed up to this point is the following.
Here is the output:
{
"issue": [
{
"code": "security",
"details": {
"text": "permission_denied"
},
"diagnostics": "SMART headers are not supported",
"severity": "error"
}
],
"resourceType": "OperationOutcome"
}
Here are a few access tokens presented to GCP FHIR server. Maybe they need to be formatted different. But It just seems from the error that "SMART headers are not supported" and there is some undocumented way to turn the feature on. If it is my format, the error is not helping me.
If you examine the encoded JWTs you will see the signing alg is RS256 but I have also signed with RS384 as required by SMART.
Example 1 :access-token
{
"iss": "https://host.docker.internal:5002",
"nbf": 1710360459,
"iat": 1710360459,
"exp": 1710364059,
"aud": "https://host.docker.internal:5002/resources",
"scope": [
"launch/patient",
"system/Patient.read"
],
"client_id": "wC9QS1nnaZJ3iOq5WOpVjLCP4-NDVd7P7YpzWBuIk5A",
"jti": "EFFD282A084B2F6C7739A381C593ECF9"
}
encoded
eyJhbGciOiJSUzI1NiIsImtpZCI6IjZEOTA4MDk2MzExRTZEODVCNEU2QTgwMUE2RUY0MTU5IiwidHlwIjoiYXQrand0In0.eyJpc3MiOiJodHRwczovL2hvc3QuZG9ja2VyLmludGVybmFsOjUwMDIiLCJuYmYiOjE3MTAzNjA0NTksImlhdCI6MTcxMDM2MDQ1OSwiZXhwIjoxNzEwMzY0MDU5LCJhdWQiOiJodHRwczovL2hvc3QuZG9ja2VyLmludGVybmFsOjUwMDIvcmVzb3VyY2VzIiwic2NvcGUiOlsibGF1bmNoL3BhdGllbnQiLCJzeXN0ZW0vUGF0aWVudC5yZWFkIl0sImNsaWVudF9pZCI6IndDOVFTMW5uYVpKM2lPcTVXT3BWakxDUDQtTkRWZDdQN1lweldCdUlrNUEiLCJqdGkiOiJFRkZEMjgyQTA4NEIyRjZDNzczOUEzODFDNTkzRUNGOSJ9.mSplnF2LgWo_Phd3OtFFdTzHKc8uw6PWZZlJTdYzMh9ikHgLfifm9a9gud26WuMus3kQUyCmtsNYDRXlpZ0XpjuWNWRv-pIwHjymI9D8MYqM_mj9DUULKnEAK_JMMVWAZEbMuUC8yGTuNFlspD_rKposPPiAEMIetTkjMN1Zm6VBPaZF8sVv8t5jYtOZq3ekn7j7aFmsO2XyzERtEqWiWAqrsyac03vtMoBgTWICeSiSCB45ZA7Q3K0K1sbK7Kj6tQ3KlckR4DmW182JtCRNmhrFjjirL7GaWQMSEzyyeaec_74C112S9q2HPETU700SPgmwDqPAS4-lVZtrq4f0aA
Example 1 : access-token
{
"iss": "https://host.docker.internal:5002",
"nbf": 1710362714,
"iat": 1710362714,
"exp": 1710366314,
"aud": "https://host.docker.internal:5002/resources",
"scope": [
"launch/patient",
"openid",
"user/Patient.read"
],
"amr": [
"pwd"
],
"client_id": "wC9QS1nnaZJ3iOq5WOpVjLCP4-NDVd7P7YpzWBuIk5A",
"sub": "2",
"auth_time": 1710362703,
"idp": "local",
"sid": "A52AA964B2C245B4FED6A241D6FCB8F9",
"jti": "FCF7235E5DC395BB30B53293BEC2FCFA"
}
eyJhbGciOiJSUzI1NiIsImtpZCI6IjZEOTA4MDk2MzExRTZEODVCNEU2QTgwMUE2RUY0MTU5IiwidHlwIjoiYXQrand0In0.eyJpc3MiOiJodHRwczovL2hvc3QuZG9ja2VyLmludGVybmFsOjUwMDIiLCJuYmYiOjE3MTAzNjI3MTQsImlhdCI6MTcxMDM2MjcxNCwiZXhwIjoxNzEwMzY2MzE0LCJhdWQiOiJodHRwczovL2hvc3QuZG9ja2VyLmludGVybmFsOjUwMDIvcmVzb3VyY2VzIiwic2NvcGUiOlsibGF1bmNoL3BhdGllbnQiLCJvcGVuaWQiLCJ1c2VyL1BhdGllbnQucmVhZCJdLCJhbXIiOlsicHdkIl0sImNsaWVudF9pZCI6IndDOVFTMW5uYVpKM2lPcTVXT3BWakxDUDQtTkRWZDdQN1lweldCdUlrNUEiLCJzdWIiOiIyIiwiYXV0aF90aW1lIjoxNzEwMzYyNzAzLCJpZHAiOiJsb2NhbCIsInNpZCI6IkE1MkFBOTY0QjJDMjQ1QjRGRUQ2QTI0MUQ2RkNCOEY5IiwianRpIjoiRkNGNzIzNUU1REMzOTVCQjMwQjUzMjkzQkVDMkZDRkEifQ.cLSoo1yhlH-nY5yjOWfuBYKjq6JlJfRHeZhl8tKNKdOTl2HvNfv3acmB5eESM5YEuIHUwYZ_vEBe3HcyYW3Y4oMlWIfj6gFV4FygDjoYhfSKBF7bt8MYfQahPfH5348XS1_99axj53UM_aeUL4QdNi75NGyYokv-1K9Jw-ieMAVO5qXWtFxLO6mIOnW_G6SLuD_3WGuJN7Dlnr7oPdOeCXhNPws9NozDFMfsFcmqeB8xxc80f3ejCN3-vr9uooJdbBwgWLSH7RwYHrk9DIdidejUx6t_x8_IFOcARvp3IOfdwjngYheGPRoV1-Sjh7Uytlck_TUDF9iH4oLLXtXKZw
I look forward to some guidance.
Also the logs in the Operations are just have two entries. For every FHIR Dataset I have created it is always just two entries. Why no logs?
Solved! Go to Solution.
Through some help from a Google employee in a different venue the suggestion was to call the v1beta1 endpoint rather than the v1 endpoint. So for example
call
Rather than
Just something I need to be on the look out for as a convention while working with preview releases.
Through some help from a Google employee in a different venue the suggestion was to call the v1beta1 endpoint rather than the v1 endpoint. So for example
call
Rather than
Just something I need to be on the look out for as a convention while working with preview releases.