403 Forbidden with Postman for FHIR service in Health Data Services

Muralidharan R 0 Reputation points
2024-04-01T07:18:03.18+00:00

Hi there,

I'm receiving 403 Forbidden error on postman despite following all the steps in https://learn.microsoft.com/en-us/azure/healthcare-apis/azure-api-for-fhir/tutorial-web-app-fhir-server and getting 403 Forbidden error when trying to call the service using Postman. I can successfully fetch the token for AAD as well as get metadata for my FHIR service but when I try to make any API calls on Patient, I get 403 forbidden. I have also assigned the RBAC role to my fhir service with "FHIR DATA CONTRIBUTOR" to my user but it doesn't work.

Screenshot from 2024-04-01 12-40-56-mh (1)

error:

{
    "resourceType": "OperationOutcome",
    "id": "80823ab78fdca4ed6ac74d80ebb98f95",
    "meta": {
        "lastUpdated": "2024-04-01T07:06:50.7520201+00:00"
    },
    "issue": [
        {
            "severity": "error",
            "code": "forbidden",
            "diagnostics": "Authorization failed."
        }
    ]
}
Azure Health Data Services
Azure Health Data Services
An Azure offering that provides a suite of purpose-built technologies for protected health information in the cloud.
168 questions
{count} votes

1 answer

Sort by: Most helpful
  1. JananiRamesh-MSFT 28,081 Reputation points
    2024-04-03T16:47:07.1433333+00:00

    @Muralidharan R Thanks for reaching out. Could you please let me know which process you are using to get an access token? also please decode the access token using a tool like https://jwt.ms the audience should match what is in the "authentication" tab. Usually this is the URL of the FHIR Service

    Please verify and let me know if issue persists.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.