Oracle Health Insurance Agent Overview and High Level Prerequisites

Oracle Health Insurance Agent is a component that complements an Oracle Insurance Gateway instance that runs in the Oracle Cloud by providing access to on-premises resources that are not available to Oracle Insurance Gateway. This section of the guide describes the prerequisites for installing and running Oracle Health Insurance Agent. It also describes agent configuration.

Environment Overview

The following picture provides a high-level overview of the operating context for Oracle Health Insurance Agent:

OHI-agent-prerequisites

It shows the following prerequisites for using Oracle Health Insurance Agent:

  • An OAuth2 Authorization Server: Oracle Health Insurance Agent retrieves tokens from the OAuth2 Authorization Server that it uses to access Oracle Insurance Gateway. It does so using the OAuth2 client_credentials grant type. Oracle Insurance Gateway inspects the token and for this to work the OAuth2 Authorization Server must support the OAuth 2.0 Token Introspection standard (RFC 7662). Alternatively, Oracle Health Insurance Agent can also be configured to access the Oracle Insurance Gateway using Basic Authentication.

  • Oracle Health Insurance Agent - Secrets Store Prerequisites: Oracle Health Insurance Agent requires access to a secret store for retrieving secrets. An example of such a secret is the username/password credential that Oracle Health Insurance Agent uses to retrieve the OAuth2 token. Either configure a Java KeyStore or HashiCorp Vault as secret store. Details on the secret store configuration for use with Oracle Health Insurance Agent are listed elsewhere in this guide.

  • Oracle Health Insurance Agent to Oracle Insurance Gateway - SSL Secured Connection Prerequisite: Oracle Health Insurance Agent requires connections to the OAuth2 Authorization Server, Vault (optional) and the Oracle Insurance Gateway to be secured by using certificates. Details on setting up secured connections with the other components mentioned here are listed elsewhere in this guide.

  • If a load balancer is used for connecting to the Oracle Insurance Gateway make sure that it supports setting up secure connections for both the HTTP and WebSocket protocols.

Resource Authorizations in the Oracle Insurance Gateway Required for Oracle Health Insurance Agent

Oracle Health Insurance Agent connects to Oracle Insurance Gateway resources. In order to do that, the following needs be configured:

  • A user needs to be provisioned in the Oracle Insurance Gateway that matches the credential that is registered for Oracle Health Insurance Agent to connect to Oracle Insurance Gateway.

  • Moreover, that user account needs to be authorized to access the "/generic/agentconfigurations" endpoint.

Required Software for Installing and Running Oracle Health Insurance Agent

The ohi-agent.jar needs to be downloaded from the Oracle Insurance Gateway by executing a GET request to the Oracle Health Insurance Gateway’s "/agent" HTTP API resource. Note that authentication and authorization are required for accessing HTTP API resources.

Oracle Health Insurance Agent only requires a Java 11 runtime environment. Apart from parameters that must be passed at startup, Oracle Health Insurance Agent is configured through Oracle Insurance Gateway: it collects its configuration from the Oracle Insurance Gateway at startup.

Oracle Health Insurance Agent does not store state on the machine it runs on.