Everything works great with Postman and authorization_code grant. But I am trying to connect to FHIR with client_credentials flow, meaning no UI.
I am calling the URL https://login.microsoftonline.com/xxxxxxxx-c9a9-4be5-a9f7-xxxxxxxxxxxx/oauth2/v2.0/token with the parameters:
grant_type: client_credentials
client_id: [my fhir application ID]
scope: https://[myCompany].azurehealthcareapis.com/.default
client_secret: [mySecret]
With that, I get back a token:

```json
{
  "token_type": "Bearer",
  "expires_in": 3599,
  "ext_expires_in": 3599,
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyIsImtpZCI6Im5PbzNaRHJPRFhFSzFqS1doWHNsSFJfS1hFZyJ9.eyJhdWQiOiJodHRwczovL2JvbmZoaXIuYXp1cmVoZWFsdGhjYXJlYXBpcy5jb20iLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8wZjIzNjI5Yy1jOWE5LTRiZTUtYTlmNy1iZGI1ODU1M2Q3YjUvIiwiaWF0IjoxNjIyMjMwNjExLCJuYmYiOjE2MjIyMzA2MTEsImV4cCI6MTYyMjIzNDUxMSwiYWlvIjoiRTJaZ1lERGJ3WFZqendaRGt4M25ZcmhXcnNoMEJBQT0iLCJhcHBpZCI6ImY3YTA0ZWZjLTE1YjItNDVlMi05NzU5LWI0ZGQ0ZTdjN2Q5ZiIsImFwcGlkYWNyIjoiMSIsImlkcCI6Imh0dHBzOi8vc3RzLndpbmRvd3MubmV0LzBmMjM2MjljLWM5YTktNGJlNS1hOWY3LWJkYjU4NTUzZDdiNS8iLCJvaWQiOiJlYTFiMmI4MC1kYTdiLTQ2YmEtYjgyOS01YzdlNTllZmVmYzciLCJyaCI6IjAuQVhjQW5HSWpENm5KNVV1cDk3MjFoVlBYdGZ4T29QZXlGZUpGbDFtMDNVNThmWjkzQUFBLiIsInN1YiI6ImVhMWIyYjgwLWRhN2ItNDZiYS1iODI5LTVjN2U1OWVmZWZjNyIsInRpZCI6IjBmMjM2MjljLWM5YTktNGJlNS1hOWY3LWJkYjU4NTUzZDdiNSIsInV0aSI6InYwSnhfOEM0c1VtQ1ZGQUZoY3AtQWciLCJ2ZXIiOiIxLjAifQ.QMHS5OoWYflq30owYolvwzDkRJm4sG29G11Z_Qct_pPuj_ULm6hR4vC_jydqsq7eDFGxA1wb_Y8hJXVKTHBu1ij9_SKSlKhNZ6KmkqrvOhTaADFGw36albKNgII_xzA-gmeAOKQuKX9Q9wZmPfJETx5NJuJnG1qAnexvhQkhMv8AgiznnU9VbaIoAAvObHx9E5Pb5nesSmOhVwMxZRjBrTHqz9ryFUDYq3Pciuz6HvVF7ro9IijUg9d8r2da8HuXGXvZiJXkfiEW6OuR1RLv9QDol6WjAOKTB12q07iFFgDL0UTinWLY--3dn0raVyd7ZtT_yzLNRZ9iqX_XXXXX"
}
```
Now when I call the URL https://[myCompany].azurehealthcareapis.com/Patient I get a 401 response:

```json
{
  "resourceType": "OperationOutcome",
  "id": "114e91311cbd11458e3d3284db6c9826",
  "issue": [
    {
      "severity": "error",
      "code": "login",
      "diagnostics": "Authentication failed."
    }
  ]
}
```
This is what I have for API Permissions
On the Fhir service, select Access control (IAM) from the left menu (if you are using Azure RBAC).
From there, click on Role Assignments.
Then search for your App Registration.
This allows your app to have permissions to the Fhir service outside of those of the logged-in users.
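Before concluding that the role assignment is the missing piece, it is worth checking that the token itself is the one the FHIR service expects. The following is an added Python example, not code from the question or from Microsoft's SDKs; it builds an unsigned sample token with placeholder tenant and app ids (constructed here) and checks the claims a 401 from the FHIR endpoint usually traces back to: `aud` must equal the FHIR service URL (the `.default` scope in the token request decides this), the issuing tenant and calling app must be the ones that hold the role assignment, and the token must be inside its `nbf`/`exp` window.

```python
import base64
import json
import time

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def make_unsigned_jwt(claims: dict) -> str:
    """Constructed sample token (alg=none, empty signature) for offline checks only.
    Real Azure AD tokens are RS256-signed; the FHIR service verifies that signature."""
    header = _b64url(json.dumps({"typ": "JWT", "alg": "none"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}."

def decode_claims(token: str) -> dict:
    """Read the payload without verifying the signature (diagnostics, not auth)."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_fhir_token(token: str, fhir_base_url: str, tenant_id: str,
                     app_id: str, now=None) -> list:
    """Return the reasons this token would not be accepted by the FHIR service."""
    c = decode_claims(token)
    now = time.time() if now is None else now
    problems = []
    # The audience of a token for Azure API for FHIR is the service URL itself;
    # a different aud means the scope pointed at another resource.
    if c.get("aud") != fhir_base_url.rstrip("/"):
        problems.append(f"aud {c.get('aud')!r} is not the FHIR service "
                        f"{fhir_base_url!r}; use scope <service>/.default")
    # v1.0 tokens carry iss=https://sts.windows.net/<tid>/, v2.0 tokens
    # https://login.microsoftonline.com/<tid>/v2.0; both embed the tenant id.
    if tenant_id not in str(c.get("iss", "")) or c.get("tid") != tenant_id:
        problems.append("token was issued by a different tenant than the FHIR service")
    # v1.0 tokens name the client in appid, v2.0 tokens in azp.
    if c.get("appid", c.get("azp")) != app_id:
        problems.append("appid/azp is not the app registration holding the role assignment")
    if not (c.get("nbf", 0) <= now < c.get("exp", 0)):
        problems.append("token is outside its nbf/exp validity window")
    return problems
```

If every check passes and the service still answers 401, the remaining cause is the data-plane role assignment on the FHIR service described above.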