Customer-Configurable Application Properties
This section explains the properties that customer administrators can update within Oracle Health Insurance Cloud Services (OHI CS). These properties include settings related to user interface customizations, cache control, performance tuning, and specific application behavior adjustments.
|
Only the properties with Change Effective value as After Restart require a restart. |
Australian Localization
The following table lists the generic system properties for Oracle Insurance Gateway in the context of Australian localizations.
ohi.as2805_a.claim.origin
MANDATORY
A value for this system property is required and identifies the origin of a 0200-170000 or a 0200-171000 request in the context
of AS2805_A. This mandatory property reflects the proprietary name of AS2805_A.
Possible values: Boolean
Default value:
Change effective: After Restart
Access Mode: Public
ohi.as2805_a.provider.reference.prefix
MANDATORY
A value for this system property is required and identifies the prefix value used for the provider reference in the context of
AS2805_A.
Possible values: PROVIDER
Default value:
Change effective: Immediate
Access Mode: Public
ohi.as2805_b.claim.origin
MANDATORY
A value for this system property is required and identifies the origin of a 0200-170000 request in the context of AS2805_B. This
mandatory property reflects the proprietary name of AS2805_B.
Possible values: Boolean
Default value:
Change effective: After Restart
Access Mode: Public
ohi.as2805_b.provider.reference.prefix
MANDATORY
A value for this system property is required and identifies the prefix value used for the provider reference in the context of
AS2805_B.
Possible values: PROVIDER
Default value:
Change effective: Immediate
Access Mode: Public
ohi.integration.australia
A value of true means that the Australian module will be activated at system start-up.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.integration.australia.eclipse.client.identifier
Client identifier as provided during software registration
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.device.name
Device name as given / used during device registration
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.expiry.times.timezone
The time zone for device and key expiry times.The identifier usually has the format region/city, e.g. Australia/Sydney
Possible values: String
Default value: Australia/Sydney
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.jwt.assertion.aud
JWT Assertion audience
Possible values: String
Default value: https://proda.humanservices.gov.au
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.jwt.assertion.sub
JWT Assertion sub name, usually the same as the software instance or device name
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.key.expiry.time.margin
Safety margin in seconds for key expiry time
Possible values: Integer ≥ 1
Default value: 3600
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.organization.identifier
Organization identifier as used during device registration
Possible values: Integer ≥ 1
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.ping.header.audit.id
The class of the audit(id) while pinging agency
Possible values: String
Default value: WEB00001
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.ping.header.audit.id.type
The class of audit(type) user specified while pinging agency
Possible values: String
Default value: Location Id
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.ping.header.ibm.client.id
x-ibm-client-id used while pinging agency
Possible values: String
Default value: http://humanservices.gov.au/PRODA/org
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.ping.header.location.id
The class of the location(id) while retriving token also used in the dhs-correlationId
Possible values: String
Default value: WEB00001
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.ping.header.product.id
Product id used while pinging agency
Possible values: String
Default value: ECLIPSE API V1.0
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.ping.header.subject.id
The class of subject user(id) specified while pinging agency
Possible values: String
Default value: WEB00001
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.ping.header.subject.id.type
The class of the subject(type) while retrieving token
Possible values: String
Default value: Fund Location Id
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.ping.request.url
Eclipse ping request URL.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.refresh.key.url
ECLIPSE Refresh Device Key URL. The specified value requires placeholders org_id and device_name. At runtime, the system replaces
the placeholders with the values of system properties ohi.integration.australia.eclipse.organization.identifier and
ohi.integration.australia.eclipse.device.name respectively. Sample value:
https://some.host.gov.au/context_root/api/b2b/v1/orgs/org_id/devices/device_name/jwk
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.service.provider.<0>
Service Provider for a REST Delivery Integration Step.The placeholder is the REST Client ID for the Integration Step
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.service.provider.<0>.audience
The placeholder value is the REST Client ID for the Integration Step which is defined as destination code.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.si.activation.url
ECLIPSE Software Instance Activation URL. The specified value requires a placeholder device_name.At runtime, the system replaces
the placeholder with the value of system property ohi.integration.australia.eclipse.device.name. Sample value:
https://some.host.gov.au/context_root/api/b2b/v1/devices/device_name/jwk
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.softwareinstance.name
Name of the Software Instance
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.token.header.audit.id.type
The class of audit user specified while retriving token
Possible values: String
Default value: http://humanservices.gov.au/PRODA/org
Change effective: Next Execution
Access Mode: Public
ohi.integration.australia.eclipse.token.header.subject.id.type
The class of the subject while retriving token
Possible values: String
Default value: http://humanservices.gov.au/PRODA/device
Change effective: Next Execution
Access Mode: Public
Cache Control
Callout Properties
Data Exchange
ohi.application.uri.<0>
MANDATORY
Reference to URI of the source application to retrieve data-sets metadata to be processed. Either "CONF" or "PRD" as values
replace the <0>. It is possible to define multiple URI’s, with ";" separating each.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.<0>.endpoint.request
Allows for web service client interactions to identify their request URI destination. The system uses this property to get the
URI for the end point. The notification key replaces the <0>. Sample value is \\http://machine.domain:port/<0>.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
Data Set Operations
ohi.datasetoperations.notification.endpoint.export
This property is about the Data Set Operations Integration Point, for export usages. It contains a URI that refers to the
notification message, once the process of uploading the data set payload completes this message is sent.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.datasetoperations.notification.endpoint.import
This property is about the Data Set Operations Integration Point, for import usages. It contains a URI that refers to the
notification message, once the process of uploading the data set payload completes this message is sent. Error messages prevent
the import from happening.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
Dynamic Logic
ohi.dynamiclogic.timeout
An optional property that determines the timeout of a running Dynamic Logic. If the timeout expires, the system interrupts the
Dynamic Logic and throws an exception. The value is in seconds. Please note that when you add/update a Dynamic Logic timeout
property, the Dynamic Logic needs to recompile for the property change to take effect. You can do this by using the "Invalidate
Dynamic Logic Integration Point".
Possible values: Integer ≥ 0
Default value: 300
Change effective: Next Execution
Access Mode: Public
ohi.dynamiclogic.timeout.<0>
An optional property that determines the timeout of the running Dynamic Logic. If the timeout expires, the system interrupts the
Dynamic Logic and throws an exception. The value is in seconds. This property is for a particular Dynamic Logic code, so replace
the placeholder <0> with the Dynamic Logic code for which you want to specify the timeout. Please note that when you add/update a
Dynamic Logic timeout property, the Dynamic Logic needs to recompile for the property change to take effect. You can do this by
using the "Invalidate Dynamic Logic Integration Point". If this property is not set, it takes the value of
ohi.dynamiclogic.timeout (which in its turn has a default of '300').
Possible values: Integer ≥ 0
Default value:
Change effective: Next Execution
Access Mode: Public
Blocking Integration Interaction Pattern
The system uses the following properties to provide the notion of seemingly blocking integration interaction.
The system automatically adjusts the pool size according to the bounds set by ohi.exchange.await.core.poolsize and ohi.exchange.await.max.poolsize.
Monitoring and Metrics
ohi.instrumentation.common.application.tag
Set to true to tag each metric with the name of the application.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.filter.ohi.nameprefix
Set to false to enable recording of non-OHI metrics.
Possible values: Boolean
Default value: true
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.gather.applicationmetrics
Set to true to enable recording of OHI metrics.
Possible values: Boolean
Default value: false
Change effective: Immediate
Access Mode: Public
ohi.instrumentation.gather.gc
Set to true to enable recording of garbage collection metrics.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.gather.jvm
Set to true to enable recording of JVM metrics.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.gather.system
Set to true to enable recording of system metrics.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.gather.<0>
Set to true to enable recording of metrics for the metric set. The placeholder value is the code of the metric set
Possible values: Boolean
Default value: true
Change effective: Immediate
Access Mode: Public
ohi.instrumentation.resourceclienttimer.segment.prefixes
Comma-separated list of resource path segment prefixes for resource client timers that the system interprets as not being the
last segment of the resource path.
Possible values: Comma-separated string, e.g. api,oig-api,policies-ws
Default value:
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.<0>.histogram
Determines whether to publish histogram buckets for the timer you configure.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.<0>.percentiles
Percentiles for the timer you configure.
Possible values: Comma-separated string, e.g. 0.5,0.75,0.95,0.99
Default value:
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.<0>.regex
The system publishes data for the timer if the tag name that you specify as property ohi.instrumentation.<0>.regex.tagname
matches this regular expression.
Possible values: Regular expression
Default value:
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.<0>.regex.tagname
Tag name subject to testing with the regular expression that you specify as property ohi.instrumentation.<0>.regex. The system
publishes data for the timer if the tag name matches the regular expression.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Public
For ohi.instrumentation.gather.<0> the placeholder values are: dylo, activityprocessing, extract, persistence, resource, task, springbatch, datareplication.
|
See the Operations Guide for details about metric-related properties.
Purge Notification Properties
ohi.purge.notification.endpoint
The base URI of the system that is going to receive notification events.
Possible values: String, as URL
Default value:
Change effective: Immediate
Access Mode: Public
ohi.purge.notification.endpoint.<0>
This overrides any value that has been specified for ohi.purge.notification.endpoint for the specific {PURGE TYPE}. Possible
purge types: 'PurgeEvent', 'PurgeExchange', 'PurgeTechnicalData'.
Possible values: String, as URL
Default value:
Change effective: Immediate
Access Mode: Public
Task Processing
ohi.processing.attemptLogLevel
A non-zero value for this property means that the system retains data (That is, extra_info) for failed attempts.
Possible values: Integer ≥ 0
Default value: 0
Change effective: Next Execution
Access Mode: Public
Specifically for Oracle Insurance Gateway, Oracle recommends setting the value for
ohi.processing.fillthreshhold to the value of ohi.processing.filldepth + 1.
Rationale: Tasks in Oracle Insurance Gateway can take a relatively long time to complete. As the application only fetches additional work from the queue if the fill depth drops below the fill threshold, these longer-running tasks can prevent the system from fully utilizing its processing capacity.
Using OAuth 2.0 for REST Client Invocations
Oracle Health Insurance applications RESTful services are OAuth 2.0 protected. In that case, the application validates and introspects OAuth 2.0 access tokens sent as Bearer tokens in the HTTP Authorization header.
For more information, see Authenticate using OAuth 2.0.
The following table lists OAuth 2.0 REST Client and server side properties.
ohi.oauth.accesstoken.expiry.time.delay
To model the overhead of fetching an access token from an OAuth2 authorization server for caching the access token in the REST
client. For example, to account for some network delay between the client and the authorization server. For example, if the
authorization server returns a token with an expiry time of 3600 seconds and if the network delay is 100 ms, then you can
configure 100 ms for this key. The system will cache the resulting access token for the original expiry time minus overhead time,
that is, 3600000 - 100 = 3599900 ms. You must specify the value in milliseconds.
Possible values: Integer ≥ 0
Default value: 10
Change effective: Immediate
Access Mode: Public
ohi.oauth.jwk.set.url
The URL value for the OAuth2 authorization server JSON Web Key (JWK) Set endpoint. The OAuth2 authorization server must support
RFC 7517. Token Validation Method is JWKSET.
Possible values: String, URL
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.jwk.set.validation.audience
Client Id or audience claim for Token Validation. Token Validation Method is JWKSET.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.jwk.set.validation.issuer
Issuer for Token Validation. Token Validation Method is JWKSET.
Possible values: String or URL
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.jwk.set.validation.jws.signing.algorithm
Signing algorithm that the Authorization Server uses. Token Validation Method is JWKSET.
Possible values: String
Default value: RS256
Change effective: After Restart
Access Mode: Public
ohi.oauth.jws.signing.algorithm
Algorithm for signing the JWT token that an OHI application generates for obtaining an OAuth2 access token through the assertion
grant type (where the JWTis used as an assertion). Note that it only supports RSA algorithms.
Possible values: RS256, RS384, RS512
Default value: RS512
Change effective: Immediate
Access Mode: Public
ohi.oauth.jwt.expiration.period
Expiration period (in seconds) for the JWT token that an OHI application generates for obtaining an OAuth2 access token through
the assertion grant type (where the JWT is used as an assertion) .
Possible values: 0 ≤ Integer ≤ 9999
Default value: 600
Change effective: Immediate
Access Mode: Public
ohi.oauth.jwt.userid.claim
Specifies the claim in the JWT that can identify the user for which the system creates the OAuth2 access token. Token Validation
Method is JWKSET.
Possible values: String
Default value: sub
Change effective: Immediate
Access Mode: Public
ohi.oauth.openidconnect.accesstoken.client_id
Client ID of the OpenID Connect client that has to be present to acquire an access token.
Possible values: String
Default value:
Change effective: Immediate
Access Mode: Public
ohi.oauth.openidconnect.accesstoken.credential
Credential associated with the OpenID Connect client that has to be present to acquire an access token.
Possible values: String
Default value:
Change effective: Immediate
Access Mode: Public
ohi.oauth.token.introspection.endpoint.client_id
Unique Client Id for resolving the username and password credentials. When calling the OAuth2 authorization server token
validation or introspection endpoint, the system uses this unique Client Id to construct the Basic Authentication Authorization
header. Token Validation Method is OAUTH2_ENDPOINT.
Possible values: String
Default value:
Change effective: Immediate
Access Mode: Public
ohi.oauth.token.introspection.endpoint.url
The URL value for the OAuth2 authorization server token validation or introspection endpoint. It assumes that the endpoint
supports Basic Authentication. Token Validation Method is OAUTH2_ENDPOINT.
Possible values: String, URL
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.token.introspection.response.username
Specifies the RFC 7662 defined Introspection Response element to derive the username from. Token Validation Method is
OAUTH2_ENDPOINT.
Possible values: String
Default value: sub
Change effective: Immediate
Access Mode: Public
ohi.oauth.token.issuer.<0>
For Token Validation. Specific issuer identifier. Requires use of properties ohi.oauth.token.issuers and
ohi.oauth.token.issuer.<0>.user.claim.
Possible values: String or URL
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.token.issuer.<0>.user.claim
For Token Validation. Issuer-specific user claim. Requires use of properties ohi.oauth.token.issuers and
ohi.oauth.token.issuer.<0>.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.token.issuers
For Token Validation. Comma-separated string of possible token issuers. Requires use of properties ohi.oauth.token.issuer.<0>
and ohi.oauth.token.issuer.<0>.user.claim.
Possible values: Comma-separated string, e.g. oracle_idcs,azure_ad
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.token.jwt.assertion.param.name
Name of JWT assertion parameter used in OAuth token request. It could be different across OAuth server.
Possible values: String
Default value: assertion
Change effective: Immediate
Access Mode: Public
ohi.oauth.token.validation.method
Determines the access Token Validation Method. Possible values: JWKSET: The resource server validates the OAuth2 access tokens .
Assuming the token is a JWT, validates it against a JSON Web Key (JWK) Set as defined by RFC 7517. The source of the JWK Set is
an endpoint that an OAuth2 authorization server exposes. Use this method to validate ID tokens that an OpenID Provider
issues.OAUTH2_ENDPOINT: validates the token using an OAuth2 authorization server’s token introspection endpoint as defined by RFC
7662.
Possible values: JWKSET, OAUTH2_ENDPOINT
Default value: JWKSET
Change effective: Immediate
Access Mode: Public
Claims in an OAuth 2.0 token can differ per token issuer. The following example demonstrates mapping a specific claim in an access token to Oracle Health Insurance User based on the issuer of the token:
# configure multiple token issuers as comma-separated string ohi.oauth.token.issuers=oracle_idcs,azure_ad # configure issuer to user claim mapping for issuer oracle_idcs ohi.oauth.token.issuer.oracle_idcs=https://identity.oraclecloud.com/ ohi.oauth.token.issuer.oracle_idcs.user.claim=sub # configure issuer to user claim mapping for issuer azure_ad ohi.oauth.token.issuer.azure_ad=https://sts.windows.net/fa15d692-e9c7-4460-a743-29f29522229/ ohi.oauth.token.issuer.azure_ad.user.claim=oid
Web Service Settings
ohi.ws.fileimport.filesrootdirectory
MANDATORY
Use this property to give the root directory path that the File Import uses. This is for security reasons, it ensures that the
files are in a specific area only.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.ws.api.default.pagesize
Number of items fetched in a HTTP API request.
Possible values: Integer ≥ 1
Default value: 50
Change effective: Next Execution
Access Mode: Protected
ohi.ws.client.connectiontimeout
The time in milliseconds before the attempt to connect to an outbound service times out. A value of 0 means never timeout.
Possible values: Integer ≥ 0
Default value: 60000
Change effective: Immediate
Access Mode: Public
ohi.ws.client.maxconnectionsperhost
The maximum number of concurrent connections the HTTP client will allow to a certain host at any given moment.
Possible values: Integer ≥ 1
Default value: 2
Change effective: Immediate
Access Mode: Public
ohi.ws.client.maxtotalconnections
Sets the maximum number of total concurrent connections the HTTP client will allow at any given moment.
Possible values: Integer ≥ value of ohi.ws.client.maxconnectionsperhost
Default value: 20
Change effective: Immediate
Access Mode: Public
ohi.ws.client.readtimeout
The time in milliseconds that the client will wait for the server to respond to the request. A value of 0 means never timeout.
Possible values: Integer ≥ 0
Default value: 60000
Change effective: Immediate
Access Mode: Public
ohi.ws.client.retrytimeout
The time in milliseconds that the system will wait before it makes another attempt to access a failing service. A value of 0
means no timeout before retrying.
Possible values: Integer ≥ 0
Default value: 1000
Change effective: After Restart
Access Mode: Public
ohi.ws.last.login.update.threshold
The number of hours that need to pass between logins before updating the user’s last login timestamp. By default, the last login
timestamp will not update more than once per hour. This only applies to logins through a web service
Possible values: Integer ≥ 1
Default value: 1
Change effective: Next Execution
Access Mode: Public
The following are some additional service settings:
ohi.service.client.pool.active
Enable or disable to leverage connection pool functionality
Possible values: Boolean
Default value: true
Change effective: After Restart
Access Mode: Public
ohi.service.client.pool.destination.maxconnections
The maximum number of connections in the pool per destination. Effective immediately for non-cached clients.
Possible values: Integer ≥ 1
Default value: 64
Change effective: After Restart
Access Mode: Public
ohi.service.client.pool.destination.maxqueued
The maximum number of connections in the pool allowed to be queued per destination. Effective immediately for non-cached clients.
Possible values: Integer ≥ 1
Default value: 1024
Change effective: After Restart
Access Mode: Public
ohi.service.client.pool.timeout.addressresolution
The max time, in milliseconds, to resolve the host address. Effective immediately for non-cached clients.
Possible values: Integer ≥ 1
Default value: 15000
Change effective: After Restart
Access Mode: Public
ohi.service.client.pool.timeout.connection
The time in milliseconds before the attempt to connect to an outbound service times out. Effective immediately for non-cached
clients.
Possible values: Integer ≥ 1
Default value: 15000
Change effective: After Restart
Access Mode: Public
ohi.service.client.pool.timeout.idle
The max time, in milliseconds, a connection can be idle. Effective immediately for non-cached clients.
Possible values: Integer ≥ 1
Default value: 60000
Change effective: After Restart
Access Mode: Public
ohi.service.client.response.content.maxsize
Maximum allowed response content size in MegaBytes (MB).
Possible values: Integer ≥ 1
Default value: 2147
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.authentication
This property specifies the (Jersey/REST specific) authentication mechanism to use for machine-to-machine communication.
Allowable values are 'None', 'BasicAuthentication' (and 'OAuth'). The notification key replaces the <0>.
Possible values: String
Default value: BasicAuthentication
Change effective: Next Execution
Access Mode: Public
ohi.service.<0>.client.pool.destination.maxconnections
The maximum number of connections in the pool per destination for client <0>. Effective immediately for non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.pool.destination.maxqueued
The maximum number of connections in the pool allowed to be queued per destination for client <0>. Effective immediately for
non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.pool.timeout.addressresolution
The max time, in milliseconds, to resolve the host address. This property is specific to client <0>. Effective immediately for
non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.pool.timeout.connection
The max time, in milliseconds, a connection can take to connect to destinations. A value of 0 means never timeout. This property
is specific to clientId <0>. Effective immediately for non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.pool.timeout.idle
The max time, in milliseconds, a connection can be idle. This property is specific to client <0>. Effective immediately for
non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public