Cannot authenticate HPR ID to declare Health Facility using API

satwik_tanwar · May 20, 2023, 5:32am

My clien_id is SBX_002419. I registered myself in sandbox HPR at this link with a facility manager role to act as a nodal contact for the facilities I wish to declare for my HRP.

I used https://hpridsbx.abdm.gov.in/api/v2/auth/authPassword API to generate a token which can be further used to declare a health facility for my HRP as mentioned in the documentation but I got a “401 Unauthorised” response after calling this API even though all the headers and body components were correct.

Can anyone from ABDM team confirm if my client_id have appropriate authorization to use this API and if not, I request you to provide HP ID access for my client_id SBX_002419 so that I can build my HRP application. I hope to hear back from you soon.

@Ramandeep1 @Shubhanshu_Shukla @IntegrationSupport can you please look into it.

IntegrationSupport · May 20, 2023, 6:35am

@satwik_tanwar, you do not seem to have required roles to access these APIs. Can you input your access token in jwt.io and share the output with us please?

satwik_tanwar · May 20, 2023, 6:49am

Here @IntegrationSupport
{
“exp”: 1684565845,
“iat”: 1684565245,
“jti”: “e1f0dbc5-7265-4e33-92e8-87ff797382a0”,
“iss”: “https://dev.ndhm.gov.in/auth/realms/central-registry”,
“aud”: “account”,
“sub”: “d28973d9-b4b5-4d57-b17c-1e060a43827d”,
“typ”: “Bearer”,
“azp”: “SBX_002419”,
“session_state”: “1cb515a6-acda-4028-b784-adddb170199b”,
“acr”: “1”,
“allowed-origins”: [
“http://localhost:9007”
],
“realm_access”: {
“roles”: [
“hiu”,
“offline_access”,
“healthId”,
“OIDC”,
“hip”
]
},
“resource_access”: {
“SBX_002419”: {
“roles”: [
“uma_protection”
]
},
“account”: {
“roles”: [
“manage-account”,
“manage-account-links”,
“view-profile”
]
}
},
“scope”: “openid email profile”,
“clientId”: “SBX_002419”,
“clientHost”: “10.233.67.115”,
“email_verified”: false,
“preferred_username”: “service-account-sbx_002419”,
“clientAddress”: “10.233.67.115”
}

IntegrationSupport · May 22, 2023, 4:10am

@satwik_tanwar, required roles are not assigned to your client id; we will now share the same with our tech team. thanks.

IntegrationSupport · May 22, 2023, 4:13am

@Ramandeep1- SDFI-3895 raised.

Ramandeep1 · May 22, 2023, 5:01am

@satwik_tanwar roles have been assigned to the mentioned client id.

Thanks

nishu.kivihealth · January 2, 2024, 10:23am

@IntegrationSupport @Ramandeep1
I am also facing same issue. Could you also please look into this. Sharing the decoded JWT token and client id below.
Client ID: SBX_004638
Decoded Token

{
“exp”: 1704210997,
“iat”: 1704189397,
“jti”: “d5172557-f565-456e-aa8c-646d3b925b9c”,
“iss”: “https://dev.ndhm.gov.in/auth/realms/central-registry”,
“aud”: “account”,
“sub”: “4ad5595e-a769-48bb-92f3-6ebe2990f1a5”,
“typ”: “Bearer”,
“azp”: “SBX_004638”,
“session_state”: “936a118a-3be4-41db-99c5-bc9c537897c8”,
“acr”: “1”,
“allowed-origins”: [
“http://localhost:9007”
],
“realm_access”: {
“roles”: [
“hiu”,
“offline_access”,
“healthId”,
“OIDC”,
“hip”
]
},
“resource_access”: {
“SBX_004638”: {
“roles”: [
“uma_protection”
]
},
“account”: {
“roles”: [
“manage-account”,
“manage-account-links”,
“view-profile”
]
}
},
“scope”: “openid email profile”,
“clientId”: “SBX_004638”,
“clientHost”: “10.233.69.221”,
“email_verified”: false,
“preferred_username”: “service-account-sbx_004638”,
“clientAddress”: “10.233.69.221”
}

IntegrationSupport · January 2, 2024, 11:28am

@nishu.kivihealth For facility related queries please email at- “Health Facility Registry” facility.abdm@nha.gov.in;