Situation
We have an local instance of OpenEMR installed on Linux and are stuck with 2 issues :
- Unable to retrieve a 200OK with Introspect endpoint
I am trying to validate the access token retrieved from the OpenEMR token endpoint using the OpenEMR introspect endpoint.
The endpoint is always giving me a 401 unauthorized response as below
I have tried different ways to use the introspect endpoint and also looked through the code to check the parameters required to be passed.
-
Making a POST request to the introspect endpoint with content-type as x-www-urlencoded and a key value of “token” : access_token
-
Making a POST request to the introspect endpoint with content-type = x-www-urlencoded ,a key-value pair of “token” : access_token and a authorization header with Bearer <access_token>
-
Making a POST request to the introspect endpoint with nody as none and a basic authorization with username password
All of these methods do not work.
-
Unable to authorize in a Smart On FHIR app launch
I registered a multipurpose application (to use in EHR launch) and granted few user scopes along with openId and fhirUser scope. Also, i enabled the registered app.
I used the launch and redirect URL of a basic SMART on FHIR app that i have developed and is available in GIT. The app needs to use a fhir client that takes the app client_id, redirect_uri and scope of the registered app and i made sure i have used the exact same client_id, redirect_uri and scopes from the app.
However, when i launch the application from the patient summary page, the iframe opens and always displays an “invalid client error”.
I did try to register another app that has the launch URL and redirect URL of OpenEMR swagger (https://10.3.0.8/swagger/oauth2-redirect.html) and enabled this app as well. When i try to launch the app from the patient summary page, it successfully opens the swagger page.
I am not sure what i am missing since the way of doing a Smart on FHIR launch is similar to other EHR and my application works perfectly fine in their environment.
Appreciate any assistance on these!
OpenEMR Version
I’m using OpenEMR version
Browser:
I’m using: Chrome, Edge
Operating System
I’m using: Linux
Logs
Did you check the logs?
Was there anything pertinent in them?
Please paste them here (surround with three backticks (```) for readability.
You can also turn on User Debugging under Administration->Globals->Logging User Debugging Options=>All