Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption. #3980

Open
calvinShan opened this issue Jul 23, 2024 · 5 comments
Open

AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption. #3980

calvinShan opened this issue Jul 23, 2024 · 5 comments
Labels
Bug Bug bug bug. Review Tag for PM/Dev Review

Comments

@calvinShan
Copy link

Hi,

I download the smart applicaiton on my PC locally, and i try to use the local application Smart to connect to fhir service.
 The SPA redirect-URI is http://localhost:5000/sampleapp/index.html, which is exposed locally
 
I just try the test with your doc: https://learn.microsoft.com/en-au/azure/healthcare-apis/fhir/smart-on-fhir
The cross-origin is enabled and well configured in fhir server based on the doc

here are the errors:
scenario 1 : APP Error : AADSTS9002325: Proof Key for Code Exchange is required for cross-origin authorization code redemption.
When I use the SAP authentication:

scenario 2 : App Error :
When I use the Web Authentication, However, when I tried the web platform registration, I encountered another error. I believe using a single-page application for authentication is the recommended approach
 
so how to resolve this pb when we use SAP authentification?

Regards,
@calvinShan calvinShan added the Bug Bug bug bug. label Jul 23, 2024
@EXPEkesheth EXPEkesheth added the Review Tag for PM/Dev Review label Jul 30, 2024
@EXPEkesheth
Copy link
Collaborator

@calvinShan - are you using SMART on FHIR proxy or SMART on FHIR (enhanced)? Reference: https://learn.microsoft.com/en-us/azure/healthcare-apis/fhir/smart-on-fhir

@EXPEkesheth
Copy link
Collaborator

@calvinShan issue will be closed with no response in a week

@calvinShan
Copy link
Author

@calvinShan - are you using SMART on FHIR proxy or SMART on FHIR (enhanced)? Reference: https://learn.microsoft.com/en-us/azure/healthcare-apis/fhir/smart-on-fhir

hello, I use the smart on fhir, downloading the app aspnet, setting up the app registration clientID/clientSecret, i think the problem is about the authentication mode of app registration, i tried both WEB and SAP mode, none of them could work

regards

@evachen96
Copy link

Hi @calvinShan - we'll take a look at the issue and get back to you!

@evachen96
Copy link

Hi @calvinShan - we need some more information in order to investigate the issue. We currently have two different versions of SMART on FHIR (please see https://learn.microsoft.com/en-us/azure/healthcare-apis/fhir/smart-on-fhir). SMART on FHIR proxy (https://learn.microsoft.com/en-us/azure/healthcare-apis/fhir/smart-on-fhir#smart-on-fhir-proxy) is turned on using Azure Portal and is being deprecated. SMART on FHIR (enhanced) is the new option and available from samples (https://github.com/Azure-Samples/azure-health-data-and-ai-samples/tree/main/samples/smartonfhir).

The SPA redirect-URI that you referenced "http://localhost:5000/sampleapp/index.html" is specific to SMART on FHIR Proxy. Please confirm if you are using SMART on FHIR Proxy or SMART on FHIR (Enhanced)? Additionally, are you using the OSS FHIR server(https://github.com/microsoft/fhir-server), or the managed service FHIR server(https://learn.microsoft.com/en-us/azure/healthcare-apis/fhir/overview)?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Bug bug bug. Review Tag for PM/Dev Review
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@EXPEkesheth @calvinShan @evachen96