Cerner (Oracle Health) · OAuth Scopes

Cerner (Oracle Health) OAuth Scopes

OAuth 2.0 derived

Cerner (Oracle Health) publishes 4 OAuth 2.0 scopes via the authorizationCode and clientCredentials flows. Scopes are the fine-grained permissions an application requests at authorization time to act against the Cerner (Oracle Health) API on a user’s behalf.

Tokens are issued from https://authorization.cerner.com/tenants/{tenant}/protocols/oauth2/profiles/smart-v1/token.

This index is generated from the provider’s OpenAPI security definitions (and, where available, its documented scope reference) and refreshes on every APIs.io network build. Browse every provider’s scopes at scopes.apis.io.

Cerner MillenniumCode ConsoleEHRElectronic Health RecordsFHIRHL7HealthcareInteroperabilityOAuth 2.0Oracle HealthPatient AccessProvider DirectorySMART on FHIRFortune 1000
Scopes: 4 Flows: authorizationCode, clientCredentials Method: derived

OAuth endpoints

Authorization URL
https://authorization.cerner.com/tenants/{tenant}/protocols/oauth2/profiles/smart-v1/personas/patient/authorize
Token URL
https://authorization.cerner.com/tenants/{tenant}/protocols/oauth2/profiles/smart-v1/token
Flows
authorizationCodeclientCredentials

Scopes (4)

ScopeDescriptionFlows
patient/*.read Read all patient-scoped resources. authorizationCode
system/*.read System-level read access. authorizationCode, clientCredentials
system/*.write System-level write access. clientCredentials
user/*.read Read all user-scoped resources. authorizationCode

Source

OAuth Scopes

cerner-scopes.yml Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/cerner-oracle-health-fhir-r4-api-openapi.yml
schemes:
- name: oauth2
  source: openapi/cerner-oracle-health-fhir-r4-api-openapi.yml
  flows:
  - flow: authorizationCode
    authorizationUrl: https://authorization.cerner.com/tenants/{tenant}/protocols/oauth2/profiles/smart-v1/personas/patient/authorize
    tokenUrl: https://authorization.cerner.com/tenants/{tenant}/protocols/oauth2/profiles/smart-v1/token
  - flow: clientCredentials
    tokenUrl: https://authorization.cerner.com/tenants/{tenant}/protocols/oauth2/profiles/smart-v1/token
  description: SMART on FHIR OAuth 2.0 with patient, user, and system scopes.
scopes:
- scope: patient/*.read
  description: Read all patient-scoped resources.
  flows:
  - authorizationCode
  sources:
  - openapi/cerner-oracle-health-fhir-r4-api-openapi.yml
- scope: system/*.read
  description: System-level read access.
  flows:
  - authorizationCode
  - clientCredentials
  sources:
  - openapi/cerner-oracle-health-fhir-r4-api-openapi.yml
- scope: system/*.write
  description: System-level write access.
  flows:
  - clientCredentials
  sources:
  - openapi/cerner-oracle-health-fhir-r4-api-openapi.yml
- scope: user/*.read
  description: Read all user-scoped resources.
  flows:
  - authorizationCode
  sources:
  - openapi/cerner-oracle-health-fhir-r4-api-openapi.yml