This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 23%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EL%3C/text%3E%3C/svg%3E)
Hi,
I have created an instance of Azure API for FHIR with an Azure FHIR proxy following this tutorial:
https://github.com/microsoft/health-architectures/tree/master/FHIR/FHIRProxy##configuration
I am able to browse to the proxy URL through a browser after being prompted to log in to view the metadata as shown below:
However, when trying to access it through the Postman API tool I keep getting the same error:
You do not have permission to view this directory or page.
I have tried generating an authorization Bearer token using the following:
The authorization token looks fine, but when adding it to my API call it errors as shown below:
]3
Does anyone have any idea how I can successfully call my API with a proper authorization token that works or know a tutorial that actually explains this part of the process?
The tutorial does not give much information.
Thanks
Hi, I managed to fix the issue. I found that the resource ID was needed in the auth URL:
This can be obtained from Enterprise Applications:
Also, creating two separate app registrations:
Looks like the FHIR Proxy is deployed with WebApp Authentication/Authorization (also called Easy Auth) enabled. If you have deployed as is too, the authentication flow is slightly different and is documented.
To quote the docs for reference, after getting the access token from Azure AD, you need to validate the token against easy auth which returns another authentication token that needs to be set in the X-ZUMO-AUTH header to make the actual request.
From the browser directly, a cookie is set with the required authentication token as mentioned in the same doc.
Thanks for the reply. I have not seen X-ZUMO-AUTH mentioned in any tutorials regarding Azure FHIR API or proxy. I created a token and added it to the header using X-ZUMO-AUTH and it still did not work.
I have been following this tutorial on Azure FHIR and Azure FHIR proxy:
@LooFunk It would be best to open an issue on this repo to update the steps for this scenario.
Hi @Pramod Valavala , I can't use easy auth on the FHIR API app, I tried and got the following:
@LooFunk The request must be made to your function app proxy - *.azurewebsites.net and FHIR directly.
Easy Auth is a feature of App Service that allows for setting up authentication for APIs.