Get 401 Unauthorized request error with valid token

Question

I am querying a FHIR API server using Postman with OAuth2 token but I am getting the 401 Unauthorized request error. Could someone help me troubleshoot as I am not sure what I am doing wrong here?

I can send the token if needed to reproduce the error.

Answer 1

Check a few settings to ensure they are configured properly.

1. Select the FHIR service through the Azure portal, check if you've granted "FHIR Data Reader|Writer|Contributor|Exporter" permission to the service principal (or client application). Additionally, you may grant your login account with the same permission. This step is not required normally but if your account is a guest account in the subscription where the FHIR service is created, you may need to do so.

2. Navigate to Azure Active Directory where you have registered the client application, check if you've set up the correct Redirect URIs, "https://www.getpostman.com/oauth2/callback", and the secret is not expired. You can create a new secret if necessary.

3. In Postman, verify that you have the following settings as stated in the documentation.

Grant Type: Authorization Code

Callback URL: https://www.getpostman.com/oauth2/callback

Auth URL: https://login.microsoftonline.com/{yourtenantguid}/oauth2/?resource={yourAzureAPIforFHIRURL}

Access Token URL: https://login.microsoftonline.com/{yourtenantguid}/oauth2/token

Client ID: your client application guid

Client Secret: copy & paste the secret from the Azure portal

Scope: optional

State: optional

Client Authentication: Send as Basic Auth header

You can view and validate your access token at https://jwt.ms