Problems in accessing Azure API for FHIR with Postman

Question

I followed the steps as per the document in "https://learn.microsoft.com/en-us/azure/healthcare-apis/access-fhir-postman-tutorial" to set up the FHIR API and registered a client application with "FHIR Data Contributor" access level. And I am able to get the metadata in Postman. But when i try to access the Patient resource, instead of the response code 200-OK it is still giving 403_Forbidden error after using the right token. Did anyone faced the similar issue while setting it up?

Answer 1

Hi @Shriram , welcome to Microsoft Q&A forum.

This issue is mostly related to adding the configuring RBAC roles for the Azure FHIR service. While adding the role assignment, please select the user too as mentioned in the below screenshot and then try doing a Get Request.

Also assuming that you have created the access token already as mentioned in the article.

Please let me know if this helps or else we can discuss further.

----------

if answer helps, please select 'Accept Answer' as this could help other community members looking for similar queries.

Answer 2

Answer 3

Thanks @AnuragSharma-MSFT for getting back to me. I did use the same exact tutorial and double checked to make sure I gave FHIR Data Contributor role to the client app as well as my MSFT account.
I also ensured that the token was created as per the tutorial.

The 401 I got was during testing the get patient API call from postman. I have deleted the resource as I was getting charged for running it, so I cannot provide the actual error now.

Answer 4

Thanks @AnuragSharma-MSFT. That solution worked for me. But if i give the user, "FHIR Data Contributor" access, then the applications created by the user should automatically inherit the same access level right? Or Should we have to explicitly assign the role to the client application that the user creates next?

Answer 5

@AnuragSharma-MSFT Will the Apps inherit the same access level as the user who generated them as above?