This problem affects the following products:
- HealthShare Unified Care Record 2020.1, 2020.2, 2021.1
- InterSystems IRIS for Health 2020.1, 2020.1.1, 2020.2, 2020.3, 2021.1, 2021.2
If a FHIR query response is paginated, the system does not properly handle OAuth tokens on subsequent pages. The behavior varies by product:
- When using the FHIR Gateway in the HealthShare ODS, an initial search response functions as expected. If the result set breaks across pages, attempts to resolve the “next” URL for the next page of search results will yield a HTTP 403 error.
- When using the FHIR Repository in InterSystems IRIS for Health, an initial search response functions as expected. If the result set breaks across pages, attempts to resolve the “next” URL for the next page of search results will succeed if the user has a valid Access Token however, OAuth scopes are not correctly validated.
To resolve this issue, please request an adhoc patch for IF-2575 from the
Worldwide Response Center (WRC).