Error codes and messages

Below is a list of codes and error messages. The codes are linked to error situations in order to give the user an appropriate error to report to user support in the event of failure.

There are three types of error codes:

  • Application errors (functional errors) - KJF

  • System errors - KJS

  • External errors - KJX

  • Authentication errors - AUT

System errors are not listed here, as they indicate an error on the kjernejournal side.

 

Error code

Description

KJF

KJF-000011

The provided ticket is invalid

KJF-000013

Unknown organisation

KJF-000014

The user is not registered in kjernejournal.

This can be solved by logging in to /ebp-webapp and confirming kj knownledge.

KJF-000015

The provided ticket has expired

The ticket from the helseindikator (health indicator) service has a fixed lifetime, and can not be used after it expires. The user must open the patient in the EHR again, so that a fresh ticket is retrieved from kjernejournal.

KJF-000016

National identification number not valid

KJF-000017

The patient has not status active

KJF-000018

The request is not valid according to the XSD

KJF-000019

The signature in the message is invalid

KJF-000020

The certificate in the message is signed by an untrusted CA

KJF-000021

The timestamp in the message is expired

KJF-000022

The organisation does not have access to kjernejournal

KJF-000023

The message is signed with an unsupported signing algorithm

KJF-000024

The certificate in the message is not of an accepted type (certificate policy)

KJF-000025

The certificate is expired or is not yet valid

KJF-000026

The certificate is revoked

KJF-000027

The request is missing the timestamp

KJF-000028

The timestamp in the request is valid for too long

KJF-000029

The timestamp in the request is set in the future

KJF-000030

The certificate in the message does not have the correct key usage

KJF-000059

The patient does not have a general practitioner

KJF-000065

The resource exists with a higher version number

KJF-000115

Personal signature not valid

KJF-000116

Unsupported signing algorithm for personal signature

KJF-000117

CA not valid for personal certificate

KJF-000118

Personal certificate expired or not valid yet

KJF-000119

Incorrect key usage for personal certificate

KJF-000120

Incorrect policy personal certificate

KJF-000121

Missing timestamp in request

KJF-000122

Timestamp in request is in future

KJF-000123

Timestamp in request is to old

KJF-000124

Unsupported encryption algoritme

KJF-000125

Personal certificate is revoked

KJF-000126

Person not found for OCSP request

KJF-000129

User has not access

KJF-000130

The user is registered in kjernejournal, but not as a health personnel.

This can be solved by logging in to /ebp-webapp and confirming kjernejournal knowledge.

KJF-000131

User has not confirmed kjernejournal knowledge

KJF-000132

The user does not have a valid HPR authorization

KJF-000133

The user does not have a HPR role which is granted access from this organization

KJF-000134

User is under 16 years of age

KJF-000135

Incorrect keyusage i certificat (signatur in WSS-header)

KJF-000138

Cannot create more active delineation in life-prolonging treatment

KJF-000163

The user does not have a HPR role which is granted access to kjernejournal

KJF-000168

The patient has an invalid status for this operation

KJF-000172

To many nin (fnr) in request

KJF-000173

Token not valid

KJF-000174

Subject for representation is older than 16

KJF-000175

The bearer token in the request is not a valid HelseID access token

KJF-000176

Token certificate expired

KJF-000177

Missing access for this operation

KJF-000178

Internet access restricted

KJF-000179

The patient has restricted access to this information (can still be accessed with consent or in an emergency)

KJF-000180

The specific user is blocked from access by the patient (can not be bypassed)

KJF-000185

Token has incorrect scope

KJF-000186

Token missing required scope

KJF-000190

Token has incorrect security level

KJF-000191

Token is not valid

KJF-000192

Token valid time is to long

KJF-000193

Token signature is not valid

KJF-000197

The bearer token in the request is missing the required scope

KJ expects the scope nhn:kjernejournal/api.

KJF-000198

The bearer token in the request is invalid (expired, wrong audience, too long validity)

KJF-000200

STS certificate expired

KJF-000203

User has not access to this resource

KJF-000205

Consent error

KJF-000206

The request is missing a mandatory field, or is otherwise invalid

KJF-000207

Missing internal authorisation header

KJF-000208

HelseId token is missing required claim

KJF-000213

The request is missing a required parameter

KJF-000214

The request contains an unparsable date

Dates should be specified in ISO 8601 format, in UTC, e.g. “2017-11-24T10:58:19Z”

KJF-000216

Security token has incorrect security level

KJF-000217

Request is missing consent attribute

KJF-000218

The bearer token in the request is missing a mandatory claim.

This could indicate that the wrong kind of token (system vs. user) was used.

KJF-000223

The user does not exist in kjernejournal

This should only happen during testing. Ask NHN to add the user to kjernejournal, or use another test user.

KJF-000224

Certificate has expired

KJF-000225

The calling system is authenticated using an unsupported method

When retrieving a token fra HelseID, the client must authenticate using a RSA key or enterprise certificate, not client secret.

KJF-000226

The organization is unknown to kjernejournal

KJF-000227

The organization does not have access to kjernejournal

KJF-000229

The resource does not exist

KJF-000230

Internal FHIR error

KJF-000231

Patient has not a valid status for this request

KJF-000232

Missing URL-encoding

KJF-000233

The resource in the request is invalid. See the diagnostic message for details.

KJF-000237

JWT validation failed

KJF-000238

Pid (fnr) missing in JWT

KJF-000239

Incorrect Pid (fnr)

KJF-000240

Not valid scope in JWT

KJF-000241

JWT period is not valid

KJF-000242

JWT signature not valid

KJF-000243

JWT representation not valid

KJF-000244

Patient has restricted access from internet

KJF-000245

Patient has restricted access

KJF-000246

JWT validation failed

KJF-000247

Missing internal authorisation in header

KJF-000248

Patient in JWT and request is not the same

KJF-000249

JWT issuer not supported

KJF-000250

Internal database error

KJF-000251

JWT consent not valid

KJF-000252

JWT scope not valid

KJF-000253

User role has not access to resource

KJF-000254

User or patient has not valid age for this request

KJF-000256

FHIR record version is not int

KJF-000257

Missing IdParam in delete of FHIR resource

KJF-000258

Invalid FHIR request

KJF-000259

Missing X-KJ-Ticket in header

KJF-000260

The request is invalid. See the diagnostic message for details.

KJF-000261

FHIR delete on wrong resource type

KJF-000262

Delete on unknown FHIR resource

KJF-000263

FHIR record version is not int

KJF-000264

Incorrect sub category FHIR request

KJF-000265

User has not access to delete this information

KJF-000266

User group error

KJF-000267

Invalid token

KJF-000268

User has not access to user group

KJF-000269

Missing JWT in header

KJF-000270

Unknown coding system

KJF-000271

Incorrect system in FHIR request

KJF-000272

Internal database error when handling FHIR request

KJF-000274

Patient age must be integer

KJF-000275

Data not found

KJF-000276

Code search require minimum 3 characters

KJF-000277

Internal database error

KJF-000278

Not valid update of critical information

KJF-000279

The request is missing the required Bearer token

The access token from HelseID must be sent as a bearer token in the Authorization header.

KJF-000282

Detected age of critical information cannot be higher than the patient’s age

KJF-000283

Detected age of critical information cannot be before the patient’s born date

KJF-000285

No changes was detected in the update

KJF-000290

No M25 exists for this health-id and request-id

KJF-000294

Ticket is required, but is not present in the request

KJF-000295

Missing NIN (fnr) in request

KJF-000296

User in token and request is not the same

KJF-000300

Organisation id not valid

KJF-000301

Person not found

KJF-000302

Incorrect source system in JWT

KJF-000303

Not same NIN (fnr) in token and request

KJF-000304

User role is not valid

KJF-000308

The user has not confirmed required training in kjernejournal

This can be solved by logging in to /ebp-webapp and confirming kj knownledge.

KJF-000309

Token not valid

KJF-000310

Issuer in token not valid

KJF-000311

EXP or NBF is not valid in JWT

KJF-000312

Token audience is not valid

KJF-000313

Internal configuration error for token issuer

KJF-000314

Threatening Content

KJF-000316

Not valid user group in request

KJF-000323

The consent specified in the request is not a valid consent

It must be one of the following: HPMOTTATTSAMTYKKE, HPAKUTT, or HPUNNTAK.

KJF-000331

The organization is not active in kjernejournal

KJF-000332

Code in FHIR request is not valid

KJF-000333

Invalid FHIR verification status

KJF-000334

Unknown code in FHIR request

KJF-000335

Invalid FHIR criticality

KJF-000336

Category not valid for this FHIR resource

KJF-000337

Unknown onset for FHIR resource

KJF-000338

Unknown sub category

KJF-000339

FHIR version id is not valid

KJF-000340

Invalid FHIR status in request

KJF-000345

The bearer token in the request has multiple audiences

KJ doesn’t allow tokens to have multiple audiences. When retrieving a token from HelseID, ask explicitly for only the nhn:kjernejournal/api scope, so that it gets only one audience.

KJF-000347

Value not integer

KJF-000349

The request is sent using a HTTP method that is not supported on this API

KJF-000350

The request is in an unsupported Content-Type

KJF-000351

A field in the request is not of the expected type

KJF-000352

The patient has chosen to block access for one or more healthcare professionals. Data is only shared via kjernejournal portal.

KJF-000353

Missing HTTP header X-EPJ-System

KJF-000356

Consent for override access set in header when the pasient has not set restrictions for access

KJF-000360

Not valid FHIR request

KJF-000400

Missing HTTP header X-GRUNNLAG

KJF-000503

Internal restriction service error

KJS

KJS-000026

Internal ticket generation error

KJS-000027

Ticket validation error. Try requesting a new ticket

KJS-000040

Error in client request policy

KJS-000041

Error in response policy

KJS-000077

Unexpected error

KJS-000102

Response has not the same message id as request

KJS-000111

Error client encrypted request policy

KJS-000112

OCSP service error

KJS-000113

Unexpected encryption in error

KJS-000131

User authorisation error

KJS-000132

Unexpected authorisation error

KJS-000133

User has not access to resource

KJS-000134

Unexpected error when creating internal header

KJS-000135

Unexpected ACL check error

KJS-000209

Unexpected error

KJS-000213

Internal coding system map error

KJS-000224

Failed to create FHIR resource

KJS-000225

Failed to update FHIR resource

KJS-000232

Internal error

KJS-000256

Constraints error

KJS-000264

Error in response from HelseID. TokenResponse from HelseID indicated that an error has occurred.

KJS-000303

Token claims not valid

KJS-000306

FHIR response not a bundle

KJS-000307

FHIR resource not a person resource

KJS-000308

Expected a FHIR bundle

KJS-000311

Unexpected error

KJS-000317

Unexpected SOAP error

KJS-000322

Unexpected FHIR resource in responce

KJS-000323

Unexpected FHIR error

KJS-000325

PVK operation error

KJX

KJX-000003

Kjernejournal is not able to communicate with the HPR registry at the moment.

KJX-000004

Kjernejournal is not able to communicate with the GP registry at the moment.

Authentication errors

Authentication are functional errors that can happen when a user logs on the kjernejournal portal. Not relevant for API usage.

Error code

Description

AUT_000

The user is not a registered user in kjernejournal.

If the user had a HPR role which is granted access to kjernejournal, the user would be created automatically. So this usually means that the user is missing the HPR authorization required to use kjernejournal.

AUT_002

The ticket used has expired.

The ticket from the helseindikator (health indicator) service has a fixed lifetime, and can not be used after it expires. The user must open the patient in the EHR again, so that a fresh ticket is retrieved from kjernejournal.

AUT_101

The user is not a registered user in kjernejournal.

If the user had a HPR role which is granted access to kjernejournal, the user would be created automatically. So this usually means that the user is missing the HPR authorization required to use kjernejournal.

AUT_104

The user did not have an affiliation with the organization, and did not have any roles which is granted access from this organization without affiliation.

This usually means that the user is missing the HPR authorization required to use kjernejournal.

AUT_105

The user tried to login without a ticket, but did not have an affiliation with an organization.

This should not happen when opening kjernejournal from an EHR system - check the URL and the ticket parameter.

AUT_108

The user was not found in the HPR registry, and thus does not have a HPR role which is granted access to kjernejournal.

AUT_110

The user cancelled the authorization process.

AUT_119

The ticket in the URL was invalid.

Verify that the ticket is correctly sent in the request, and that it is correctly URL encoded.

AUT_128

The user was found in the HPR registry, but did not have a HPR role which is granted access to kjernejournal.

AUT_146

The organization is not active in kjernejournal.

This should not happen when opening kjernejournal from an EHR system - check the URL and the ticket parameter.

 

© Norsk helsenett - kjernejournal