I encountered 401 before and I go to 

System > Security Management > View Audit Database

and check that the token passed the authentication server, so at that moment I suspect it doesn't pass the fhir server. After asking the support, we found out that, when checking out the token, we need to add the correct audience and scope (user/*.read user/*.write) to make it work.

**example**
Access Token URL  :  https://www.somewhere.com/oauth2/token?aud=https://www.somewhere.com/csp...

Scope : user/*.read user/*.write

with corresponding client_id and client_secret

and check out the token. after that, it can pass the fhir server authentication

Oooo, this is a good suggestion!!😮 I have never think about this direction before.

Because at the beginning, I only want to write some stuff for facilitating my testing process on the FHIR repository. So I use the python library for generating some fake data and put it on a REST service...
For using it as a facade... maybe a possible way as well, maybe can replace the generated data by loading the "REAL" data from the IRIS db, right?

It is just an example for generating FHIR bundle for testing purpose, we still need a FHIR server for storing the data