OAuth 2.0 Clients

For system-to-system integrations, OAuth 2.O clients are registered with Oracle Cloud Identity Domain and in order to access the RESTful APIs of Oracle Health Insurance applications an OAuth 2.0 access token is required. This token must be obtained from the Oracle Identity Domain associated with the Oracle Health Insurance Cloud Services environment.

Oracle provides OAuth 2.0 Resource Server definitions for each Oracle Health Insurance Cloud Services environment. These Resource Server definitions include:

• Primary Audience

• List of Scopes

The Primary Audience is equivalent to the API hostname for the environment.

The term Scope typically refers to the level of access and permissions granted to users, groups, or resources within the Oracle Health Insurance Cloud Services. Using the scope parameter, the access token can grant different levels of access to multiple Oracle Health Insurance APIs. For example, use the urn::ohi-components-apis scope when you need to access any Oracle Health Insurance components API in the given application deployment. This provides clients with access to only the resources they need to do their work.

User can select multiple scopes.

So, OAuth 2.0 clients must be registered and granted the set of scopes of the selected environments. The audience of OAuth 2.0 access tokens obtained through these clients must match the hostname of the Oracle Health Insurance Cloud Services environment.

For more information on User Provisioning, see User Provisioning for Onboarding.