smart-on-fhir / client-js

JavaScript client for FHIR

Using Refresh/RefreshIfNeeded [Help] #138

Closed AndrewStoddard closed 2 years ago

AndrewStoddard commented 2 years ago

Hello,

I am using this to integrate with the Epic EHR and am having an issue when calling refresh. I am getting an error saying that I do not have online_access or offline_access in scope. Upon further investigation, I am requesting online_access, but was informed by a contact at Epic that they return offline_access to the user. However, they do not visibly return it in the scope received. I believe this to be the reason I am receiving the error and have no control over whether or not it is visibly returned.

Do you have any options for me to still be able to use the refresh token?

vlad-ignatov commented 2 years ago

Perhaps your contact at Epic meant that they only support offline_access, so try requesting that instead of online_access.

AndrewStoddard commented 2 years ago

I have tried to explicitly request offline_access and remove online_access; it had no change.


isaacvetter commented 2 years ago

This issue seems pretty unrelated to the client-js library. This might be the documentation you're looking for -- https://fhir.epic.com/Documentation?docId=oauth2&section=Standalone-Oauth2-Launch_Access-Token-Request_With-Refresh-Tokens

vlad-ignatov commented 2 years ago

Also, I'm not sure if this applies to Epic currently, but in most systems when you register a client you have a list of "allowed scopes". This is to make sure that an app using that client_id cannot be granted wider access than originally intended. If there is something similar on Epic, make sure that the offline_access scope is enabled for your client (and then wait whatever amount of time is required for the changes to be applied).

AndrewStoddard commented 2 years ago

> This issue seems pretty unrelated to the client-js library. This might be the documentation you're looking for -- https://fhir.epic.com/Documentation?docId=oauth2&section=Standalone-Oauth2-Launch_Access-Token-Request_With-Refresh-Tokens

This is not an issue with the client js library. The issue I am facing is that in order to use the refresh or refreshIfNeeded methods, I must have an online_access or offline_access. I have received confirmation on Epic's side that our app is authorized for the offline_access scope, but it is not returned visibly to us in the token response.

I am exploring all the options I have, and this is one of those options. My hope is that there is some way to bypass the hard requirement to have one of these scopes in the client-js library, whether being able to assign the offline scope manually to the available scopes or some other way.
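Added example (not part of the thread and not client-js code): a small diagnostic that classifies a token response against the two preconditions named in this thread's error messages, a `refresh_token` in the response and `offline_access` or `online_access` in the scope. The function names, verdict strings and sample responses are constructed for illustration; the fallback to the requested scope follows RFC 6749 section 5.1, which lets a server omit `scope` when it granted exactly what was requested.

```javascript
"use strict";
// Added illustration; names other than the OAuth fields are constructed.
const REFRESH_SCOPES = ["offline_access", "online_access"];

// RFC 6749 section 5.1: "scope" may be omitted from the token response when it
// equals the requested scope, so fall back to the request in that case only.
function effectiveScopes(tokenResponse, requestedScope) {
  const echoed = typeof tokenResponse.scope === "string" && tokenResponse.scope.trim() !== "";
  const raw = echoed ? tokenResponse.scope : (requestedScope || "");
  return { echoed, scopes: raw.split(/\s+/).filter(Boolean) };
}

// Classify a token response into the failure cases reported in the thread.
function diagnoseRefresh(tokenResponse, requestedScope) {
  const { echoed, scopes } = effectiveScopes(tokenResponse, requestedScope);
  const hasToken = typeof tokenResponse.refresh_token === "string" && tokenResponse.refresh_token !== "";
  const hasScope = REFRESH_SCOPES.some((s) => scopes.includes(s));
  let verdict;
  if (hasToken && hasScope) verdict = "ok";
  else if (hasToken) verdict = "token-issued-scope-not-echoed"; // scope check fails, token exists
  else if (hasScope) verdict = "scope-without-refresh-token";   // "No refresh_token found"
  else verdict = "refresh-not-granted";                         // check the client's allowed scopes
  return { verdict, hasToken, hasScope, scopeEchoed: echoed, scopes };
}

// Constructed sample token responses (not captured from any server).
const SAMPLES = {
  full: { access_token: "a1", refresh_token: "r1", scope: "openid patient/*.read offline_access" },
  scopeHidden: { access_token: "a2", refresh_token: "r2", scope: "openid patient/*.read" },
  scopeOmitted: { access_token: "a3", refresh_token: "r3" },
  noToken: { access_token: "a4", scope: "openid patient/*.read offline_access" },
  neither: { access_token: "a5", scope: "openid patient/*.read" },
};

const REQUESTED = "openid patient/*.read offline_access";
for (const [name, resp] of Object.entries(SAMPLES)) {
  console.log(name, diagnoseRefresh(resp, REQUESTED).verdict);
}
```

Running it against the raw token response from the authorization server shows which of the two preconditions is actually missing before any change is made to the client registration or the requested scopes.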

vlad-ignatov commented 2 years ago

If it is not an issue with the library I should have it closed (but feel free to continue posting if needed)

lucasact commented 2 years ago

> I must have an online_access or offline_access. I have received confirmation on Epic's side that our app is authorized for the offline_access scope, but it is not returned visibly to us in the token response.

I am running into a similar issue

Uncaught Error: Unable to refresh. No refresh_token found.
    at Client.refresh (Client.js:816)

@AndrewStoddard were you able to resolve your issue?

AndrewStoddard commented 2 years ago

Unfortunately, I was not. I ended up making a custom implementation.
