Getting Error (Code 500011) while accessing FHIR using Postman in Azure Health Data services

Mysari Gnaneshwar 5 Reputation points
2023-10-20T11:49:59.81+00:00

We are getting below error while getting Microsoft Entra access token in Postman.

Steps performed:

  1. Created Azure Health Data service Workspace
  2. Created FHIR service and deployed
  3. Created DICOM service and deployed
  4. Registered Client Application using Microsoft Entra ID
  5. Accessing FHIR using Postman While accessing, FHIR services using postman, we getting the following error

Error code: 500011

 

{
    "error": "invalid_resource",
    "error_description": "AADSTS500011: The resource principal named https://azurehealthdata01-fhirservice.fhir.azurehealthcareapis.com/metadata was not found in the tenant named bbtenant. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You might have sent your authentication request to the wrong tenant.\r\nTrace ID: 27d61414-d18e-4d0e-95e5-ac09146f2a00\r\nCorrelation ID: 4eb3630a-6873-49b6-ab9f-3cdf59cdd444\r\nTimestamp: 2023-10-20 09:53:40Z",
    "error_codes": [
        500011
    ],
    "timestamp": "2023-10-20 09:53:40Z",
    "trace_id": "27d61414-d18e-4d0e-95e5-ac09146f2a00",
    "correlation_id": "4eb3630a-6873-49b6-ab9f-3cdf59cdd444",
    "error_uri": "https://login.microsoftonline.com/error?code=500011"
}

Azure Health Data Services
Azure Health Data Services
An Azure offering that provides a suite of purpose-built technologies for protected health information in the cloud.
149 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,890 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. MuthuKumaranMurugaachari-MSFT 22,236 Reputation points
    2023-10-20T14:29:52.88+00:00

    Mysari Gnaneshwar Thanks for posting your question in Microsoft Q&A. I assume you followed the steps described in doc: Access using Postman and when you try to access FHIR resource, you got the above error.

    As per the error message/code: 500011 and https://login.microsoftonline.com/error?code=500011, the resource principal was not found in the tenant bbtenant. That means Microsoft Entra access token generated via https://login.microsoftonline.com/{{tenantid}}/oauth2/token was not matching with the tenant that FHIR is located.

    Steps to validate:

    1. Decode the token generated in the Postman via https://jwt.ms and check tid value which is the tenant id (doc reference).
    2. Then compare it with the tenant id of the subscription for the health care workspace in the azure portal and see if it matches.

    You need to have the client application registration in the same tenant as FHIR resource and assign right permissions and roles for the application as described in https://learn.microsoft.com/en-us/azure/healthcare-apis/fhir/get-started-with-fhir#register-a-client-application.

    I hope this helps and let me know if any questions.