Error Messages
The following table lists a few common OAuth-related error messages that HDR FHIR APIs can return, along with the remediation steps for each.
Table 5-1 OAuth-Related Error Messages
HTTP Status Code | Message | Meaning | Remediation |
---|---|---|---|
401 | BAD_TOKEN: Invalid Algorithm. Algorithm is empty or not supported. | Signature algorithm is empty or not supported by the FHIR server. | Recommended algorithm is RS256. Make sure the JWT header contains "alg": "RS256". |
200, 201 | -- | Success. | Authentication was successful. Operation was successful. |
401 | BAD_TOKEN: Invalid JWT token. Bad claims. Expired JWT | Unauthorized - expired OAuth token sent in request. | The current access token has expired. Obtain a fresh access token from the OAuth Server and use it. |
401 | BAD_TOKEN: Invalid JWT token. Token is null or empty. | Unauthorized - no OAuth token sent in request. | Obtain a valid access token from the OAuth Server. Pass it in the request as a bearer token in the HTTP Auth header. |
401 | <Other error messages that start with "BAD_TOKEN: Invalid JWT token"> | Unauthorized - reason to be investigated. | Contact the HDR administrator with the error message for further assistance. |
401 | BAD_TOKEN: Invalid JWT token. Bad claims. Invalid 'aud' attribute. Expected audience '<correct_audience>' does not exist in audience '<incorrect_audience>' | Unauthorized - token sent has incorrect audience value specified. | Ensure that you are using the correct audience value when requesting an access token from the OAuth Server. |
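
As an added example (not part of the HDR documentation or product code), the following client-side check decodes a token without verifying its signature and names the table row it would likely hit before the request is sent. It assumes RS256 is the only accepted algorithm and that checks run in the order shown; the function names, return labels and sample audience value are hypothetical.

```python
import base64
import json
import time


def seg(obj):
    """Encode a dict as an unpadded base64url JWT segment (for sample tokens)."""
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


def load_segment(segment):
    """Decode one JWT segment; JWTs strip base64url padding, so restore it."""
    obj = json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))
    if not isinstance(obj, dict):
        raise ValueError("segment is not a JSON object")
    return obj


def preflight(token, expected_aud, now=None, allowed_algs=("RS256",)):
    """Name the Table 5-1 row a token would likely hit, or return "OK".

    The signature is NOT verified, so "OK" only means none of the documented
    header and claim problems were found. The check order is an assumption.
    """
    now = time.time() if now is None else now
    if not token or not token.strip():
        return "EMPTY_TOKEN"      # "Token is null or empty."
    parts = token.strip().split(".")
    if len(parts) != 3:
        return "MALFORMED"        # falls under the "other BAD_TOKEN" row
    try:
        header, claims = load_segment(parts[0]), load_segment(parts[1])
    except ValueError:            # bad base64, bad UTF-8 or bad JSON
        return "MALFORMED"
    if header.get("alg") not in allowed_algs:
        return "BAD_ALGORITHM"    # "Algorithm is empty or not supported."
    exp = claims.get("exp")
    if isinstance(exp, (int, float)) and now >= exp:
        return "EXPIRED"          # "Bad claims. Expired JWT"
    aud = claims.get("aud")       # RFC 7519 allows a string or a list
    if expected_aud not in (aud if isinstance(aud, list) else [aud]):
        return "BAD_AUDIENCE"     # "Invalid 'aud' attribute."
    return "OK"


# Constructed sample: placeholder signature, hypothetical audience value.
SAMPLE = ".".join([seg({"alg": "RS256", "typ": "JWT"}),
                   seg({"aud": "hdr-fhir-example", "exp": 2000000000}), "sig"])
```

A result of "OK" is not proof of acceptance: the server still validates the signature, so any remaining 401 falls under the "other BAD_TOKEN" row.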