Application Properties
Application properties influence the behavior of the application. Administrators use properties to set timeout values, URL addresses, processing settings, etc.
You can set an application property through the:
-
ohi-capitation.properties file
-
Properties API
You can set all properties through both the properties file and the Properties API. If you set a property through the properties file, then the property cannot be set through the API. However, the API does not return an error when trying to set a property through the API when there is already one set through the properties file.
You can check pre-set properties in the Properties file using the Current Properties IP. See Current Properties for more information.
The pre-set properties have the readOnly
attributes with the value true
.
Cloud customers must contact the support or the AMS team to change any read-only properties. |
You must specify each property name with its value on a separate line in the property file. Every new Oracle Health Insurance Value-Based Payments release has a different set of supported properties. You can use the Property Definitions to view the list of all available properties.
Changes to the property file do not take effect immediately.
By default, the application scans the file for changes every ten minutes.
You can change the scanning interval to a minimum of one minute using the ohi.properties.file.poll.interval
property.
The following tables describe the properties available in this release:
Only the properties with Change Effective value as After Restart require a restart. |
Properties File
ohi.properties.file.poll.interval
The application does not pick up changes to any of these properties immediately. That only happens when it reads the
properties-file again. This property specifies how often the system will read the file, in minutes. Default value, every 10
minutes. Minimum value, 1 minute. The system ignores values lower than that, meaning it uses the default value.
Possible values: Integer ≥ 1
Default value: 10
Change effective: Next Execution
Access Mode: Protected
Base View Generator
Dynamic Logic
ohi.dynamiclogic.classes.directory
Path to directory in which the system places the generated Dynamic Logic classes.
Possible values: String
Default value: /tmp
Change effective: Next Execution
Access Mode: Protected
ohi.dynamiclogic.startup.compile
An optional property that determines whether to compile the Dynamic Logic (those who are not compiled before) at the startup of
the application or not.
Possible values: Boolean
Default value: true
Change effective: Next Execution
Access Mode: Protected
ohi.dynamiclogic.startup.compile.await.timeout
Max time (in milliseconds) for which nodes should wait for the oldest node to mark the status of pre-compilation as complete
Possible values: Integer ≥ 1
Default value: 30000
Change effective: After Restart
Access Mode: Protected
ohi.dynamiclogic.timeout
An optional property that determines the timeout of a running Dynamic Logic. If the timeout expires, the system interrupts the
Dynamic Logic and throws an exception. The value is in seconds. Please note that when you add/update a Dynamic Logic timeout
property, the Dynamic Logic needs to recompile for the property change to take effect. You can do this by using the "Invalidate
Dynamic Logic Integration Point".
Possible values: Integer ≥ 0
Default value: 300
Change effective: Next Execution
Access Mode: Public
ohi.dynamiclogic.timeout.<0>
An optional property that determines the timeout of the running Dynamic Logic. If the timeout expires, the system interrupts the
Dynamic Logic and throws an exception. The value is in seconds. This property is for a particular Dynamic Logic code, so replace
the placeholder <0> with the Dynamic Logic code for which you want to specify the timeout. Please note that when you add/update a
Dynamic Logic timeout property, the Dynamic Logic needs to recompile for the property change to take effect. You can do this by
using the "Invalidate Dynamic Logic Integration Point". If this property is not set, it takes the value of
ohi.dynamiclogic.timeout
(which in its turn has a default of '300').
Possible values: Integer ≥ 0
Default value:
Change effective: Next Execution
Access Mode: Public
Logging Support
Incident Reports
ohi.incident.rootdir
OHI Components makes use of the Logback library for generating log output. In the event of an unanticipated application
exception, the system writes more detailed exception trace information to an individual exception trace file. This property
controls the location of these exception trace files. By default, the location 'target/trace' is relative to the directory where
the WebLogic server starts. When changing the value for this property, make sure that the OS user that executes the WebLogic
server processes needs to create (and read/write files in) the directory that the property refers to.
Possible values: String
Default value: target/trace
Change effective: After Restart
Access Mode: Protected
ohi.incident.target
OHI Incident files can be stored in the database, in a datafile set. Whenever you set this property to "datafileset" this feature
activates. Otherwise, the default mechanism of writing incident files to an OS file system directory. The OHI Incident datafile
sets will have a Code with a following pattern: "OHIIncidents<yyyyMMdd>". Note that the value for this property must be set in
the properties file, not using properties API.
Possible values: "file" or "datafileset"
Default value: file
Change effective: After Restart
Access Mode: Protected
Cache Control
ohi.httpapi.cache.control.cachesetting.metadata
This property specifies the code of a OHI_RESOURCE_CACHE_SETTING for metadata settings. See ohi.httpapi.cache.control.enable
.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.httpapi.cache.control.enable
Property to enable HTTP API Caching, which is disabled by default. When enabled, HTTP API will add a Cache-Control header in the
response it sends.
Possible values: Boolean
Default value: false
Change effective: Next Execution
Access Mode: Public
ohi.messagegroup.cachesize
Use it as an initial sizing element for the number of cached message groups
Possible values: Integer ≥ 1
Default value: 1000
Change effective: Next Execution
Access Mode: Protected
Persistence
ohi.persistence.cache.size.default
The size of Eclipselink’s shared cache (L2) when no specific size is defined. It defines the number of entities that is kept in
memory.Every cacheable entity has it’s own cache, so the number applies per entity type.
Possible values: Integer ≥ 0
Default value: 500
Change effective: After Restart
Access Mode: Protected
ohi.persistence.cache.<0>.size
The size of Eclipselink’s shared cache (L2) for a specific entity. It defines the number of entities that is kept in memory.If
not defined, the value of ohi.persistence.cache.size.default is used. The placeholder is the name of the entity like 'Procedure'.
Possible values: Integer ≥ 0
Default value:
Change effective: After Restart
Access Mode: Protected
System Resources
ohi.system.cpu.threshold.high
When the system CPU goes above this value, the system enters the low CPU state.
Possible values: Integer ≥ 0
Default value: 75
Change effective: Immediate
Access Mode: Protected
ohi.system.memory.normal.delay
The time before the memory state gets reset to normal from non-normal. This prevents the systemfrom switching to often between
healthy and not-healthy.The value is in seconds
Possible values: Integer ≥ 0
Default value: 60
Change effective: Next Execution
Access Mode: Protected
ohi.system.memory.threshold.critical
When the free memory drops below this value, the system enters the critical memory state.The value is in MB
Possible values: Integer ≥ 0
Default value: 64
Change effective: Next Execution
Access Mode: Protected
Web Service Connection Settings
ohi.ws.fileimport.filesrootdirectory
MANDATORY
Use this property to give the root directory path that the File Import uses. This is for security reasons, it ensures that the
files are in a specific area only.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.rest.client.logging
Enable or Disable logging for rest clients. When "true" will log traffic to external system.
Possible values: Boolean
Default value: false
Change effective: Immediate
Access Mode: Public
ohi.service.client.cache.size
The rest client cache size.
Possible values: Integer ≥ 1
Default value: 500
Change effective: Immediate
Access Mode: Public
ohi.service.<0>.client.authentication
This property specifies the (Jersey/REST specific) authentication mechanism to use for machine-to-machine communication.
Allowable values are 'None', 'BasicAuthentication' (and 'OAuth'). The notification key replaces the <0>.
Possible values: String
Default value: BasicAuthentication
Change effective: Next Execution
Access Mode: Public
ohi.service.<0>.client.pool.destination.maxconnections
The maximum number of connections in the pool per destination for client <0>. Effective immediately for non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.pool.destination.maxqueued
The maximum number of connections in the pool allowed to be queued per destination for client <0>. Effective immediately for
non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.pool.timeout.addressresolution
The max time, in milliseconds, to resolve the host address. This property is specific to client <0>. Effective immediately for
non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.pool.timeout.connection
The max time, in milliseconds, a connection can take to connect to destinations. A value of 0 means never timeout. This property
is specific to clientId <0>. Effective immediately for non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.client.pool.timeout.idle
The max time, in milliseconds, a connection can be idle. This property is specific to client <0>. Effective immediately for
non-cached clients.
Possible values: Integer ≥ 1
Default value:
Change effective: After Restart
Access Mode: Public
ohi.service.<0>.media.type
For the notification media type. Notification key replaces the <0>.
Possible values: String
Default value: application/json
Change effective: Next Execution
Access Mode: Public
ohi.service.<0>.method.type
This property is for the notification method type. The notification key replaces the <0>.
Possible values: String
Default value: POST
Change effective: Next Execution
Access Mode: Public
ohi.ws.api.default.pagesize
Number of items fetched in a HTTP API request.
Possible values: Integer ≥ 1
Default value: 50
Change effective: Next Execution
Access Mode: Protected
ohi.ws.client.connectiontimeout
The time in milliseconds before the attempt to connect to an outbound service times out. A value of 0 means never timeout.
Possible values: Integer ≥ 0
Default value: 60000
Change effective: Immediate
Access Mode: Public
ohi.ws.client.maxconnectionsperhost
The maximum number of concurrent connections the HTTP client will allow to a certain host at any given moment.
Possible values: Integer ≥ 1
Default value: 2
Change effective: Immediate
Access Mode: Public
ohi.ws.client.maxtotalconnections
Sets the maximum number of total concurrent connections the HTTP client will allow at any given moment.
Possible values: Integer ≥ value of ohi.ws.client.maxconnectionsperhost
Default value: 20
Change effective: Immediate
Access Mode: Public
ohi.ws.client.readtimeout
The time in milliseconds that the client will wait for the server to respond to the request. A value of 0 means never timeout.
Possible values: Integer ≥ 0
Default value: 60000
Change effective: Immediate
Access Mode: Public
ohi.ws.client.retrytimeout
The time in milliseconds that the system will wait before it makes another attempt to access a failing service. A value of 0
means no timeout before retrying.
Possible values: Integer ≥ 0
Default value: 1000
Change effective: After Restart
Access Mode: Public
ohi.ws.last.login.update.threshold
The number of hours that need to pass between logins before updating the user’s last login timestamp. By default, the last login
timestamp will not update more than once per hour. This only applies to logins through a web service
Possible values: Integer ≥ 1
Default value: 1
Change effective: Next Execution
Access Mode: Public
Web Service Client Authentication
Outbound RESTful invocations can be secured using Basic Authentication or
OAuth 2.0. For details, refer to the relevant chapter in the Security Guide.
Each client needs to be configured separately. The applicable properties all
follow the same naming convention:
ohi.service.<0>.client.authentication
. The default value is
"BasicAuthentication". The placeholder <0>
is the name of the client.
Oracle Health Insurance-defined client names are listed as follows:
Web Service: Activity Notification
Client Name: ActivityResponseClient
Relevant Properties: ohi.service.ActivityResponseClient.client.authentication
Web Service: Data Exchange Export Notification
Client Name: DataExchangeExportNotificationClient
Relevant Properties: ohi.service.DataExchangeExportNotificationClient.client.authentication
Web Service: Data Exchange Import Notification
Client Name: DataExchangeImportNotificationClient
Relevant Properties: ohi.service.DataExchangeImportNotificationClient.client.authentication
Web Service: Data Replication Person Events
Client Name: DataReplicationPersonEvents
Relevant Properties: ohi.service.DataReplicationPersonEvents.client.authentication
Web Service: Data Replication Person Entities
Client Name: DataReplicationPersonEntities
Relevant Properties: ohi.service.DataReplicationPersonEntities.client.authentication
Web Service: Financial Message Notification
Client Name: FinancialMessageNotificationClient
Relevant Properties: ohi.service.FinancialMessageNotificationClient.client.authentication
Defining the property for the authentication mechanism needs to be done in conjunction with defining the credentials that the web service client will use when making the request. How to enter credentials is also outlined in the Developer Guide.
Web Service Media Type
Certain outbound RESTFul invocation support multiple output formats (that is, XML
or JSON). This can be configured via the media type property. If unspecified,
the default value is "application/json". The property name follows the naming
convention: ohi.service.<client>.media.type
, where the
placeholder <client> is the name of the client. The names of the clients
that support a configurable media type are listed as follows:
Web Service: Activity Notification
Client Name: ActivityResponseClient
Relevant Properties: ohi.service.ActivityResponseClient.media.type
URL References
In HTTP API RESTful services links, URL references may be passed. Construction of the URL for these pages is driven by the following parameters:
ohi.<0>.application.baseurl
MANDATORY
This is the default URL for accessing the application. It is used to construct the links included in asynchronous responses and
notifications. It includes the machine or load balancer, the domain, and a port number. The placeholder <0> in this property name
must specify the application name. The various API requests that start an asynchronous process can take a custom header parameter
that overrides the value of this property. In this case, the base URL is derived from the request, instead of this property.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.<0>.deeplink.url
MANDATORY
The base URL of an application for JET UI deep linking URL formation. It includes the machine or load balancer, the domain and a
port number. It is mandatory to set a correct link in the deep linking URL. The application name must replace the placeholder
<0>. An example of the value is http://localhost:7001.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
User Interface
ohi.environment.identifier
Text string used to identify the environment, such as 'prod,' 'dev,' or 'qa.'The value for this property should not exceed 158
characters.
Possible values: String
Default value: ohi
Change effective: After Restart
Access Mode: Protected
ohi.jsui.formatted.name.individualproviders
This property is used to display the formatted name in context of an individual provider
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.jsui.formatted.name.persons
This property is used to display the formatted name in context of a person
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.ui.accessToken.root.url
The webgate URL root (Required for CSP allowlist).
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.ui.accessToken.url
The webgate URL to access accessToken resource.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.ui.api.authentication.method
Authentication mechanism for the JET UI. One of OAuth, BasicAuthentication, WebGate (in case a gateway handles authentication) or
OpenID (in case OpenID Connect is used - see below table for more properties).
Possible values: String
Default value: Oauth
Change effective: After Restart
Access Mode: Protected
ohi.ui.api.authentication.oauth.clientId
The clientId is the public identifier for the JET UI. Mandatory when using OAuth. Not applicable when not using OAuth. Has no
default value.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.ui.backEnd.root.url
The base URL for accessing web services, typically includes the machine or loadbalancer, the domain and a port number.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.ui.backEndURL
Fully qualified URL for HTTP API resources. The path in the URL should include the context root for HTTP API resources. The
default context root for HTTP API resources is '/api'. Note that this could be a load balancer URL and / or that the default
context root might have been overwritten using a deployment plan.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.ui.httplink.<0>
This property is used for defining the address of the http link. <0> to be replaced by a custom identifier to give more context
to the http link configuration.
Possible values: String
Default value:
Change effective: Immediate
Access Mode: Protected
ohi.ui.logout.url
The URL used by Oracle JET to actively logout a user (session)
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.ui.session.timeout
The timeout is the time (in milliseconds) after which the current user session expires and displays 'The page has expired'
warning dialog. Clicking OK re-directs the user to the login page. The default value is set to 1hr (3600000 ms). A value of 0
means never timeout.
Possible values: Integer ≥ 0
Default value: 3600000
Change effective: After Restart
Access Mode: Protected
ohi.ui.waitTime
The waitTime is the time (in milliseconds) between entering a character in a search field, and the search firing. Applies to
quick search and LOV, suggested is 1500.
Possible values: Integer ≥ 1
Default value: 1500
Change effective: After Restart
Access Mode: Protected
ohi.ui.webgate.logout.url
Logout from WebGate/SSO external provider
Possible values: String
Default value: /logout
Change effective: After Restart
Access Mode: Protected
ohi.ui.webgate.url
OAM URL (Required for CSP allowlist).
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
Specifically for OpenID Connect Support
The following table lists user interface related properties, specifically for OpenID Connect support:
ohi.oauth.token.introspection.endpoint.client_id
Unique Client Id for resolving the username and password credentials. When calling the OAuth2 authorization server token
validation or introspection endpoint, the system uses this unique Client Id to construct the Basic Authentication Authorization
header. Token Validation Method is OAUTH2_ENDPOINT.
Possible values: String
Default value:
Change effective: Immediate
Access Mode: Public
ohi.oauth.use.openidconnect
When set to true, it indicates that Oracle JET UI leverages OpenID Connect authentication.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Protected
ohi.security.oauth.callback
Specifies the OpenID Connect callback URL to invoke after authentication of the user through OpenID Connect takes place, but
before an access token is obtained.
Possible values: String
Default value: oidc/callback
Change effective: After Restart
Access Mode: Protected
ohi.security.oauth.cookie.maxage
This property determines the time (in seconds) until the the OAUTH authentication cookie expires.
Possible values: Integer ≥ 1
Default value: 3600
Change effective: After Restart
Access Mode: Protected
ohi.security.oauth.cookie.name
This property specifies the name of the shared cookie, which stores the OpenID connect authentication information.
Possible values: String
Default value: OHI_SHARED_AUTH
Change effective: After Restart
Access Mode: Protected
ohi.security.oauth.cookie.path
This property specifies the path of the OHI OAUTH Session Cookie. This path must exist in the requested URL, or the browser won’t
send the Cookie header.
Possible values: String
Default value: /
Change effective: After Restart
Access Mode: Protected
ohi.security.oauth.cookie.secure
This property determines if the OAUTH authentication cookie is set to 'secure'. When set to true, the cookie is only sent to the
server when the system makes a request with the 'https:' scheme.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Protected
Activity and Task Processing
ohi.activityprocessing.cleanup.frequency
If any in progress activities, (current - last updated date )timestamp is greater than value configured by this property then
the status gets updated to technical error
Possible values: Integer ≥ 1
Default value: 600
Change effective: Immediate
Access Mode: Protected
ohi.activityprocessing.enabled
Set to true/false to enable/disable activityprocessing on a specific JVM
Possible values: Boolean
Default value: true
Change effective: Immediate
Access Mode: Protected
ohi.activityprocessing.heartbeat.frequency
This property configures the scheduled time frame for updating the last_updated_date column for the running activities to rectify
the activities getting stuck in the progress status.
Possible values: Integer ≥ 1
Default value: 300
Change effective: Immediate
Access Mode: Protected
ohi.activityprocessing.max.resubmit.attempt.count
This property configures the maximum number of times a stuck root activity can be re-submitted for processing
Possible values: Integer ≥ 0
Default value: 3
Change effective: Immediate
Access Mode: Protected
ohi.activityprocessing.notification.endpoint
RESTful Service endpoint URL for delivering the response notification after activity processing completes. OHI Components
applications will use a POST operation by default. You can overwrite this by using ohi.service.<0>.method.type
, where the
notification key must replace the <0>. Sample value is \\http://machine:port/api/generic_notification_service.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.activityprocessing.notification.endpoint.<0>
Activity type-specific RESTful Service endpoint URL for delivering the response notification once activity processing completes.
The activity type code must replace the <0>. For example, REFSHEETLINE_IMPORT. When you do not set this property, the property
uses the value of ohi.activityprocessing.notification.endpoint
. OHI Components applications will use a POST operation by
default. You can overwrite this by using ohi.service.<0>.method.type
, where the notification key must replace the <0>. Sample
value is \\http://machine:port/api/generic_notification_service.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.activityprocessing.threadpool.size
This property configures the size of the thread pool used for processing the activities. The default value is used if no correct
value is configured.
Possible values: Integer ≥ 1
Default value: 8
Change effective: Immediate
Access Mode: Protected
ohi.amount.scale
By default, amounts are stored with the scale of 2 (two digits after the decimal point). A subset of amounts allows for a higher
scale. For example, the premium amounts in calculation results allow up to 12 digits after the decimal point. How many of those
additional digits the system actually uses depends on this property. The system can use it to store calculation result amounts
with greater scale. An increase of scale allows for sending financial data on a detail level (For example, VAT on a premium for a
member) to the financial system and round only after aggregation (For example, on a group account); rounding in an early stage to
two decimals leads to a substantial difference with the expected outcome on an aggregate level.
Possible values: 2 ≤ Integer ≤ 12.
Default value: 2
Change effective: Next Execution
Access Mode: Public
ohi.financialmessage.create.noninvoiceaccdetail
Decides the creation of non-invoice accounting details in financial message. If set to true, activity creates non-invoice account
details in financial message. If the property is set to 'false', non-invoice accounting details won’t be created
Possible values: Boolean
Default value: true
Change effective: Next Execution
Access Mode: Public
ohi.financialmessage.datafile.notification.endpoint
For sending out financial message data file creation notification in Generate Financial Message Activity. For FileBased requests.
Sample value is http://machine.domain:port/financialmessage/datafile
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.financialmessage.endpoint.request
For sending out financial message in Generate Financial Message Activity. For MessageBased requests. Sample value is
http://machine.domain:port/financialmessage
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.max.headroom
The maximum number of tasks to load into the processing grid.
Possible values: Integer ≥ 1
Default value: 1000
Change effective: Next Execution
Access Mode: Public
ohi.max.headroom.<0>
The maximum number of tasks to load into the processing grid - per given activity type.
Possible values: Integer ≥ 1
Default value: 1000
Change effective: Next Execution
Access Mode: Public
ohi.processing.attemptLogLevel
A non-zero value for this property means that the system retains data (That is, extra_info) for failed attempts.
Possible values: Integer ≥ 0
Default value: 0
Change effective: Next Execution
Access Mode: Public
ohi.processing.bucketsize.SELECT_TRANSACTIONS_IN_SET
Utilized for Select Transactions In Set activity bucketing. It decides how many sub-activities will run in one transaction to
improve performance. This one utilizes a technical table to bucketise the working set.
Possible values: Integer ≥ 1
Default value: 5000
Change effective: Next Execution
Access Mode: Public
ohi.processing.cache.boilerplate.spec
A specification of Google Guava’s CacheBuilder configuration. It configures a cache for boiler plate text. Defined as a string
which is a series of comma-separated keys or key-value pairs, each corresponding to a CacheBuilder method. See CacheBuilderSpec
for additional detail.
Possible values: String
Default value: maximumSize=20000,softValues,recordStats
Change effective: Next Execution
Access Mode: Protected
ohi.processing.cache.dynamicfieldsetupcache.spec
Specification for a cache that caches DynamicFieldSetup. For more information, see CacheBuilderSpec’s javadoc:
https://guava.dev/releases/19.0/api/docs/com/google/common/cache/CacheBuilderSpec.html
Possible values: String
Default value: maximumSize=10000,softValues,recordStats,expireAfterAccess=3600s
Change effective: Next Execution
Access Mode: Protected
ohi.processing.cache.dynamiclogicobject.spec
Specification for a cache that caches the information that comes from the Dynamic Logic domain objectFor more information, see
CacheBuilderSpec’s javadoc: https://guava.dev/releases/19.0/api/docs/com/google/common/cache/CacheBuilderSpec.html
Possible values: String
Default value: maximumSize=100,softValues,recordStats,expireAfterAccess=3600s
Change effective: Next Execution
Access Mode: Protected
ohi.processing.cache.dynamicrecordsetupcache.spec
Specification for a cache that caches the DynamicRecordSetup. For more information, see CacheBuilderSpec’s javadoc:
https://guava.dev/releases/19.0/api/docs/com/google/common/cache/CacheBuilderSpec.html
Possible values: String
Default value: maximumSize=10000,softValues,recordStats,expireAfterAccess=3600s
Change effective: Next Execution
Access Mode: Protected
ohi.processing.cache.fielddetailsetupcache.spec
Specification for a cache that caches the FieldDetails. For more information, see CacheBuilderSpec’s javadoc:
https://guava.dev/releases/19.0/api/docs/com/google/common/cache/CacheBuilderSpec.html
Possible values: String
Default value: maximumSize=10000,softValues,recordStats,expireAfterAccess=3600s
Change effective: Next Execution
Access Mode: Protected
ohi.processing.cache.flexcodesetupcache.spec
Specification for a cache that caches the FlexCodeSetup. For more information, see CacheBuilderSpec’s javadoc:
https://guava.dev/releases/19.0/api/docs/com/google/common/cache/CacheBuilderSpec.html
Possible values: String
Default value: maximumSize=10000,softValues,recordStats,expireAfterAccess=3600s
Change effective: Next Execution
Access Mode: Protected
ohi.processing.cache.ingroup.message.spec
Cache for messages in a message group.
Possible values: String
Default value: maximumSize=1000,softValues,recordStats
Change effective: Next Execution
Access Mode: Protected
ohi.processing.concurrentparentactivities.throttle
System property that determines whether the parent level/root activities should be throttled.The parent activities spawned by the
system (i.e., activities with origin 'Spawned' but not initiated by the user) are not throttled by default. This behavior can be
overruled through the activity type specific property ohi.processing.concurrentparentactivities.throttle.<0>.<1>
Possible values: Boolean
Default value: true
Change effective: Next Execution
Access Mode: Public
ohi.processing.concurrentparentactivities.throttle.<0>.<1>
System property that determines whether the parent level/root activities should be throttled per activity type per activity
level.The first placeholder is the activity type code and the second placeholder is the activity level
Possible values: Boolean
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.processing.defaultdelay
Default amount of delay in seconds when a failed task re-queues for another attempt. The system can override this property if a
delay is set on the task type.
Possible values: Integer ≥ 0
Default value: 3
Change effective: Next Execution
Access Mode: Protected
ohi.processing.filldepth
Specifies a target number of work items to process at a time - to best utilize processing capacity. We suggest a value that is a
multiple of the number of CPU cores available to the managed server. The system will take the maximum of 2x the number of
processors available to the JVM and the value of this property (which has in its turn a default of 3).
Possible values: Integer ≥ 0
Default value: 3
Change effective: Next Execution
Access Mode: Protected
ohi.processing.fillthreshhold
Determines the number of tasks that the system submits for processing. Suggested is a value that is 1 less than the number of CPU
cores available to the managed server. The system will take the maximum of the number of processors available to the JVM minus 1
and the value of this property (which has in its turn a default of 1).
Possible values: Integer ≥ 1
Default value: 1
Change effective: Next Execution
Access Mode: Protected
ohi.processing.groupsize
The number of tasks to group (when applicable) into a collection of tasks to put into the processing grid as one atomic unit.
This complete collection will process on one processing node.
Possible values: Integer ≥ 1
Default value: 400
Change effective: Next Execution
Access Mode: Public
ohi.processing.groupsize.CALCULATE_CAPITATION
Utilized for activity grouping.It decides how many sub-activities will run in one transaction to improve performance. This
directly groups child activities according to groupSize.
Possible values: Integer ≥ 1
Default value: 200
Change effective: Next Execution
Access Mode: Public
ohi.processing.groupsize.GENERATE_FINANCIAL_MESSAGES
Utilized for Generate Financial Message activity grouping It decides how many sub-activities will run in one transaction to
improve performance. This directly groups child activities according to groupSize.
Possible values: Integer ≥ 1
Default value: 500
Change effective: Next Execution
Access Mode: Public
ohi.processing.groupsize.SUPERSEDE_REVERSE
Utilized for activity grouping. It decides how many sub-activities will run in one transaction to improve performance. This
directly groups child activities according to groupSize.
Possible values: Integer ≥ 1
Default value: 500
Change effective: Next Execution
Access Mode: Public
ohi.processing.groupsize.UNSEND_FINANCIAL_MESSAGES_IN_SET
Utilized for Unsend financial messages in set activity grouping. It decides how many sub-activities will run in one transaction
to improve performance. This directly groups child activities according to groupSize.
Possible values: Integer ≥ 1
Default value: 100
Change effective: Next Execution
Access Mode: Public
ohi.processing.groupsize.<0>
The number of tasks to group (when applicable) into a collection of tasks to put into the processing grid as one atomic unit -
per activity type. This complete collection will process on one processing node.
Possible values: Integer ≥ 1
Default value: 400
Change effective: Next Execution
Access Mode: Public
ohi.processing.loadercount
The number of loader tasks the system has to spawn, whenever an activity of that type needs to be processed and has child tasks
spawned into the grid. These loaders work concurrently on the set of child tasks to spawn.
Possible values: Integer ≥ 1
Default value: 1
Change effective: Next Execution
Access Mode: Public
ohi.processing.loadercount.<0>
The number of loader tasks the system has to spawn for a specific activity type, whenever an activity of that type needs to be
processed and has child tasks spawned into the grid. These loaders work concurrently on the set of child tasks to spawn.
Possible values: Integer ≥ 1
Default value: 1
Change effective: Next Execution
Access Mode: Public
ohi.processing.loaderyield
This property specifies the time (in seconds) the system holds back a loader task in the grid, in the event it reaches its
maximum allowed number of tasks to load and spawn into the grid.
Possible values: Integer ≥ 1
Default value: 3
Change effective: Next Execution
Access Mode: Public
ohi.processing.loaderyield.<0>
This property specifies the time (in seconds) the system holds back a loader task in the grid, in the event it reaches its
maximum allowed number of tasks to load and spawn into the grid.- per given activity type.
Possible values: Integer ≥ 1
Default value: 3
Change effective: Next Execution
Access Mode: Public
ohi.processing.max.concurrentparentactivities.size
System property that determines the number of parent activities that run in parallel by default, if throttling is enabled.The
parent activities spawned by the system (i.e., activities with origin 'Spawned' but not initiated by the user) are not considered
for size limit by default. This behavior can be overruled through the activity type specific property
ohi.processing.max.concurrentparentactivities.size.<0>.<1>
Possible values: Integer ≥ 0
Default value: 8
Change effective: Next Execution
Access Mode: Public
ohi.processing.max.concurrentparentactivities.size.<0>.<1>
System property that determines the number of parent activities that run in parallel per activity type per activity level. The
first placeholder is the activity type code and the second placeholder is the activity level
Possible values: Integer ≥ 0
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.processing.max.numberofretries
The maximum amount of times activity processing will try to send out an 'activity processed' event to an external system.
Possible values: Integer ≥ 0
Default value: 3
Change effective: Next Execution
Access Mode: Public
ohi.processing.max.numberofretries.<0>
The maximum amount of times activity processing will try to send out an 'activity processed' event to an external system - per
activity type.
Possible values: Integer ≥ 0
Default value: 3
Change effective: Next Execution
Access Mode: Public
ohi.processing.maxErrorAttempts
Number of times a task can resolve as 'errored' before it stops a task flow.
Possible values: Integer ≥ 0
Default value: 3
Change effective: Next Execution
Access Mode: Protected
ohi.processing.maxIncompleteAttempts
Determines how many times a specific incomplete task will reschedule for processing, before marking it as 'errored'.
Possible values: Integer ≥ 0
Default value: 10000
Change effective: Next Execution
Access Mode: Protected
ohi.processing.pagesize.GENERATE_FINANCIAL_MESSAGES
Utilized for reading financial message chunks to generate financial messages in flat files or XML. It is used to determine how
records will be processed.
Possible values: Integer ≥ 1
Default value: 5000
Change effective: Next Execution
Access Mode: Public
ohi.processing.retryimmediate
Determines if a failed task retries immediately, or re-queues for another attempt after a delay.
Possible values: Boolean
Default value: true
Change effective: Immediate
Access Mode: Protected
ohi.processing.throttle.activities.task.dequeue.delay.<0>.<1>
Amount of delay in seconds (per activity type per activity level) when a task re-queues for another attempt. The first
placeholder is the activity type code and the second placeholder is the activity level
Possible values: Integer ≥ 0
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.processing.throttle.activities.task.priority.<0>.<1>
Priority of the task (per activity type per activity level) for execution. The first placeholder is the activity type code and
the second placeholder is the activity level
Possible values: Integer ≥ 0
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.processing.yield.default
This property specifies the default time (in seconds) that the system holds back a task in the processing grid, in between
execution steps. This is typical for parent-child task relationships, where a parent task will has to regularly check on the
status of its children.
Possible values: Integer ≥ 1
Default value: 3
Change effective: Next Execution
Access Mode: Public
ohi.processing.yield.taskcompletion
This property specifies the time (in milliseconds) the system will hold an (aggregate) task backfor task loaders to complete
their work.
Possible values: Integer ≥ 1
Default value: 3
Change effective: Next Execution
Access Mode: Public
ohi.processing.yield.<0>
This property specifies the default time (in seconds) that the system holds back a task in the processing grid, in between
execution steps. This is typical for parent-child task relationships, where a parent task has to regularly check on the status of
its children - per activity type.
Possible values: Integer ≥ 1
Default value: 3
Change effective: Next Execution
Access Mode: Public
ohi.startup.start.task.processing
Controls task processing for a managed server. By default, if a managed server that executes an OHI Components application
starts, then it will start processing tasks from the work backlog queue. You can override the default behavior by setting
command-line parameter ohi.startup.start.task.processing
; if it is set to false, a managed server that executes the OHI
Components application will not process tasks after it starts. The default value is true, meaning the managed server that
executes the OHI Components application will start processing tasks from the work backlog queue after it starts.
Possible values: Boolean
Default value: true
Change effective: Next Execution
Access Mode: Protected
Specifying Yields, Submission Count, Group Size, and Loader Count Per Activity Type
Oracle Health Insurance Value-Based Payments allows to individually specify some of the aforementioned application properties on a per-activity-type basis. This provides finer grained control of loading and processing semantics. The way to accomplish this is to concatenate the mnemonic for the specific activity type after the specific property key, for example:
ohi.processing.groupsize.CALCULATE_CAPITATION=300
This mechanism is available for the following properties:
-
ohi.processing.yield.<activity_type>
-
ohi.max.headroom.<activity_type>
-
ohi.processing.groupsize.<activity_type>
-
ohi.processing.loadercount.<activity_type>
-
ohi.processing.loaderyield.<activity_type>
-
ohi.processing.max.numberofretries.<activity_type>
For the mnemonic of individual activity types, check the Developer Guide.
Data Exchange
ohi.application.uri.<0>
MANDATORY
Reference to URI of the source application to retrieve data-sets metadata to be processed. Either "CONF" or "PRD" as values
replace the <0>. It is possible to define multiple URI’s, with ";" separating each.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.cm.concurrency.limit
This property specifies the number of parallel threads in configuration migration tool for export and import processes. For
better performance results, we recommend the value of this system property to be equal to the number of CPUs (core). For example,
if there are six CPUs and each of them is single-core, then this property must be six
Possible values: Integer ≥ 1
Default value: 2
Change effective: After Restart
Access Mode: Protected
ohi.cm.highvolumeentities.export.page.size
The system uses this property in the export process and it represents the number of high volume entities (For example, Procedure
Group detail) to read at a time. We recommend setting this value to N * 1000, where N is the number of JVMs.
Possible values: Integer ≥ 1
Default value: 1000
Change effective: Next Execution
Access Mode: Protected
ohi.<0>.endpoint.request
Allows for web service client interactions to identify their request URI destination. The system uses this property to get the
URI for the end point. The notification key replaces the <0>. Sample value is \\http://machine.domain:port/<0>
.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
Single Sign-On and Web Gate
The following table lists properties that need to be set when the Oracle Health Insurance application take part in Single Sign-On (SSO) scenarios or when Oracle Health Insurance applications are fronted by a gateway that is responsible for handling authentication:
ohi.security.sso.enabled
The application will check for an SSO header, and if it does not find one, it will present the user with a login screen.
Possible values: Boolean
Default value: false
Change effective: Next Execution
Access Mode: Protected
Data File Import
The following table lists (technical) properties that influence data file (batch) processing performance. Only change these after consulting with Oracle:
ohi.providerimport.filereader.chunk.size
A separate processing activity spawns for processing a chunk or batch of providers of the specified size.
Possible values: Integer ≥ 1
Default value: 5000
Change effective: Next Execution
Access Mode: Protected
ohi.referencesheetimport.filereader.chunk.size
A separate processing activity spawns for processing a chunk or batch of reference sheets of the specified size.
Possible values: Integer ≥1
Default value: 5000
Change effective: Next Execution
Access Mode: Protected
Secrets Store
ohi.oauth.cert.signing.algorithm
Determines the signing algorithm for X509 certificates that the OHI applications use to sign the JWT token that an OHI
application generates for obtaining an OAuth2 access token through the assertion grant type (where it uses the JWT as assertion).
OHI applications only supports RSA algorithms currently.
Possible values: String
Default value: SHA512withRSA
Change effective: Immediate
Access Mode: Protected
ohi.secure.secrets.store
The type of store the OHI application uses for secrets
Possible values: One of the following: vault, ohistore
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.vault.address
Vault address. Must use HTTPS.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.vault.environment.identifier
To distinguish secrets on a per OHI application instance basis
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.vault.kv.secrets.engine
By default, OHI applications assume that Vault’s Key-Value secrets engine is enabled at root path "secret". The Key-Value secrets
engine is used to store arbitrary secrets within the physical storage for Vault you configure.
Possible values: String
Default value: secret
Change effective: After Restart
Access Mode: Protected
ohi.vault.namespace
OHI specific Vault namespace section, under the path determined by properties {ohi.vault.kv.secrets.engine}/{ohi.vault.namespace}
to look for secrets
Possible values: String
Default value: ohi
Change effective: After Restart
Access Mode: Protected
Cross Origin Resource Sharing
See the Security Guide for an introduction to Cross Origin Resource Sharing (CORS). For further explanation the reader is referred to W3C’s CORS specification.
The following table lists CORS related properties:
ohi.cors.access.control.allow.origin
MANDATORY
Comma-separated list of allowed origins. The value '' effectively allows all origins.
*Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.cors.access.control.allow.credentials
Header that shows whether the system can expose the response to a request when the omit credentials flag is unset. When this is
part of the response to a preflight request, it shows that the actual request can include user credentials.
Possible values: Boolean
Default value: true
Change effective: Next Execution
Access Mode: Protected
ohi.cors.access.control.allow.headers
Header that shows, as part of the response to a preflight request, which header field names can be useful for during the actual
request. Allows all headers by default. The value is a comma-separated list of allowed headers.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.cors.access.control.allow.methods
Header that shows, as part of the response to a preflight request, which methods the system can use during the actual request.
Allows all methods by default. The value is a comma-separated list of allowed methods.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.cors.access.control.expose.headers
Header that shows which headers are safe to expose to the API of a CORS API specification. The value is a comma-separated list of
all exposed headers.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
Intrusion Detection
Oracle Health Insurance applications safeguard against Cross-Site Scripting (XSS) attacks by checking "untrusted" data that may be entered in HTTP API requests (see the Security Guide for intrusion detection principles). Detection behavior can be customized using the properties that are listed in the following table:
ohi.untrusteddata.allowlist.domainattribute
The system checks the domain attributes by default. Use this property to define a comma-separated list of excluded
customer-specific attributes from intrusion detection checking. Format: <DOMAIN OBJECT SIMPLE NAME>.<ATTRIBUTE NAME>.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.untrusteddata.allowlist.httpheader
The property checks the HTTP Headers by default. Use this property to define a comma-separated list of customer-specific headers
that need exclusion from intrusion detection checking. Format: <HEADER NAME>,<HEADER NAME>.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.untrusteddata.allowlist.queryparameter
The system checks HTTP Query Parameters by default. Use this property to define a comma-separated list of customer-specific query
parameters that need exclusion from intrusion detection checking. Format: <QUERY PARAMETER NAME>,<QUERY PARAMETER NAME>.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.untrusteddata.check
The application enables the XSS vulnerability detection by default. Disable it bysetting the value for this parameter to false.
You should use this property if other components in the landscape perform vulnerability detection.
Possible values: Boolean
Default value: true
Change effective: Next Execution
Access Mode: Protected
ohi.untrusteddata.domain.attribute.length
The system checks the domain attributes of type string by default if the length ≥ 30 characters. To be more stringent,
decrease the default value using this property.
Possible values: Integer ≥ 1
Default value: 30
Change effective: Next Execution
Access Mode: Protected
ohi.untrusteddata.whitelist.domainattribute
DEPRECATED
Deprecated: use ohi.untrusteddata.allowlist.domainattribute instead. The system checks the domain attributes by default. Use this
property to define a comma-separated list of excluded customer-specific attributes from intrusion detection checking. Format:
<DOMAIN OBJECT SIMPLE NAME>.<ATTRIBUTE NAME>.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.untrusteddata.whitelist.httpheader
DEPRECATED
Deprecated: use ohi.untrusteddata.allowlist.httpheader instead. The property checks the HTTP Headers by default. Use this
property to define a comma-separated list of customer-specific headers that need exclusion from intrusion detection checking.
Format: <HEADER NAME>,<HEADER NAME>.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.untrusteddata.whitelist.queryparameter
DEPRECATED
Deprecated: use ohi.untrusteddata.allowlist.queryparameter instead. The system checks HTTP Query Parameters by default. Use this
property to define a comma-separated list of customer-specific query parameters that need exclusion from intrusion detection
checking. Format: <QUERY PARAMETER NAME>,<QUERY PARAMETER NAME>.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
For example, to prevent mixed encoded Cookies that a client like a browser sends as part of the request to result in a Bad Request, allow the Cookie header as follows:
ohi.untrusteddata.whitelist.httpheader=Cookie
Replicating Member Data
Member data can be replicated from another Oracle Health Insurance application that is referred to as the source system. The following table lists the parameters for that:
ohi.ws.sourcesystem.<0>.baseurl
MANDATORY
Base URI to the source system; must include the context root for accessing HTTP API services; by default that context root is
'/api', you may change it with a deployment plan.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.datareplication.event.retrieval.diff.current.timestamp
System property to fetch events created before given number of seconds. The default value is 30s which means events which were
created upto 30s before current time will be replicated in target system.
Possible values: Integer ≥ 0
Default value: 30
Change effective: Next Execution
Access Mode: Public
ohi.datareplication.event.retrieval.include.current.timestamp
Property when set to true fetches events created before current time, when false this restriction doesn’t apply.
Possible values: Boolean
Default value: true
Change effective: Next Execution
Access Mode: Public
Data Set Operations
ohi.datasetoperations.notification.endpoint.export
This property is about the Data Set Operations Integration Point, for export usages. It contains a URI that refers to the
notification message, once the process of uploading the data set payload completes this message is sent.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
ohi.datasetoperations.notification.endpoint.import
This property is about the Data Set Operations Integration Point, for import usages. It contains a URI that refers to the
notification message, once the process of uploading the data set payload completes this message is sent. Error messages prevent
the import from happening.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Public
OAuth 2.0
The Oracle Health Insurance application’s RESTful services can be OAuth 2.0 protected. In that case the application validates and / or introspects OAuth 2.0 access tokens that are sent as Bearer tokens in the HTTP Authorization header. See the Security Guide for further details about OAuth 2.0 support in Oracle Health Insurance applications.
The following table lists OAuth 2.0 server side properties.
ohi.oauth.accesstoken.expiry.time.delay
To model the overhead of fetching an access token from an OAuth2 authorization server for caching the access token in the REST
client. For example, to account for some network delay between the client and the authorization server. For example, if the
authorization server returns a token with an expiry time of 3600 seconds and if the network delay is 100 ms, then you can
configure 100 ms for this key. The system will cache the resulting access token for the original expiry time minus overhead time,
that is, 3600000 - 100 = 3599900 ms. You must specify the value in milliseconds.
Possible values: Integer ≥ 0
Default value: 10
Change effective: Immediate
Access Mode: Public
ohi.oauth.idp.uri
You need to set a system property to the IDP (IDentity Provider) URL to acquire the OpenID Connect configuration. Set this
property when ohi.oauth.use.openidconnect
is set to 'true'.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Protected
ohi.oauth.jwk.set.url
The URL value for the OAuth2 authorization server JSON Web Key (JWK) Set endpoint. The OAuth2 authorization server must support
RFC 7517. Token Validation Method is JWKSET.
Possible values: String, URL
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.jwk.set.validation.audience
Client Id or audience claim for Token Validation. Token Validation Method is JWKSET.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.jwk.set.validation.issuer
Issuer for Token Validation. Token Validation Method is JWKSET.
Possible values: String or URL
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.jwk.set.validation.jws.signing.algorithm
Signing algorithm that the Authorization Server uses. Token Validation Method is JWKSET.
Possible values: String
Default value: RS256
Change effective: After Restart
Access Mode: Public
ohi.oauth.jws.signing.algorithm
Algorithm for signing the JWT token that an OHI application generates for obtaining an OAuth2 access token through the assertion
grant type (where the JWTis used as an assertion). Note that it only supports RSA algorithms.
Possible values: RS256, RS384, RS512
Default value: RS512
Change effective: Immediate
Access Mode: Public
ohi.oauth.jwt.expiration.period
Expiration period (in seconds) for the JWT token that an OHI application generates for obtaining an OAuth2 access token through
the assertion grant type (where the JWT is used as an assertion) .
Possible values: 0 ≤ Integer ≤ 9999
Default value: 600
Change effective: Immediate
Access Mode: Public
ohi.oauth.jwt.userid.claim
Specifies the claim in the JWT that can identify the user for which the system creates the OAuth2 access token. Token Validation
Method is JWKSET.
Possible values: String
Default value: sub
Change effective: Immediate
Access Mode: Public
ohi.oauth.openidconnect.accesstoken.client_id
Client ID of the OpenID Connect client that has to be present to acquire an access token.
Possible values: String
Default value:
Change effective: Immediate
Access Mode: Public
ohi.oauth.openidconnect.accesstoken.credential
Credential associated with the OpenID Connect client that has to be present to acquire an access token.
Possible values: String
Default value:
Change effective: Immediate
Access Mode: Public
ohi.oauth.openidconnect.accesstoken.validation.clockskew
Defines the maximum acceptable clock skew (in seconds) for validating timestamps of ID tokens that an OpenID Provider issues.
Possible values: Integer ≥ 1
Default value: 60
Change effective: After Restart
Access Mode: Protected
ohi.oauth.token.introspection.endpoint.url
The URL value for the OAuth2 authorization server token validation or introspection endpoint. It assumes that the endpoint
supports Basic Authentication. Token Validation Method is OAUTH2_ENDPOINT.
Possible values: String, URL
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.token.introspection.response.username
Specifies the RFC 7662 defined Introspection Response element to derive the username from. Token Validation Method is
OAUTH2_ENDPOINT.
Possible values: String
Default value: sub
Change effective: Immediate
Access Mode: Public
ohi.oauth.token.issuer.<0>
For Token Validation. Specific issuer identifier. Requires use of properties ohi.oauth.token.issuers
and
ohi.oauth.token.issuer.<0>.user.claim
.
Possible values: String or URL
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.token.issuer.<0>.user.claim
For Token Validation. Issuer-specific user claim. Requires use of properties ohi.oauth.token.issuers
and
ohi.oauth.token.issuer.<0>
.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.token.issuers
For Token Validation. Comma-separated string of possible token issuers. Requires use of properties ohi.oauth.token.issuer.<0>
and ohi.oauth.token.issuer.<0>.user.claim
.
Possible values: Comma-separated string, e.g. oracle_idcs,azure_ad
Default value:
Change effective: After Restart
Access Mode: Public
ohi.oauth.token.jwt.assertion.param.name
Name of JWT assertion parameter used in OAuth token request. It could be different across OAuth server.
Possible values: String
Default value: assertion
Change effective: Immediate
Access Mode: Public
ohi.oauth.token.validation.method
Determines the access Token Validation Method. Possible values: JWKSET: The resource server validates the OAuth2 access tokens .
Assuming the token is a JWT, validates it against a JSON Web Key (JWK) Set as defined by RFC 7517. The source of the JWK Set is
an endpoint that an OAuth2 authorization server exposes. Use this method to validate ID tokens that an OpenID Provider
issues.OAUTH2_ENDPOINT: validates the token using an OAuth2 authorization server’s token introspection endpoint as defined by RFC
7662.
Possible values: JWKSET, OAUTH2_ENDPOINT
Default value: JWKSET
Change effective: Immediate
Access Mode: Public
Claims in an OAuth 2.0 token may differ per token issuer. The following example demonstrates mapping a specific claim in an access token to Oracle Health Insurance User based on the issuer of the token:
# configure multiple token issuers as comma-separated string ohi.oauth.token.issuers=oracle_idcs,azure_ad # configure issuer to user claim mapping for issuer oracle_idcs ohi.oauth.token.issuer.oracle_idcs=https://identity.oraclecloud.com/ ohi.oauth.token.issuer.oracle_idcs.user.claim=sub # configure issuer to user claim mapping for issuer azure_ad ohi.oauth.token.issuer.azure_ad=https://sts.windows.net/fa15d692-e9c7-4460-a743-29f29522229/ ohi.oauth.token.issuer.azure_ad.user.claim=oid
Extract
ohi.extract.datafilecount
This property controls the number of data files the system generates. This property value also decides how many parallel child
activities to be executed for selection of the items to be extracted. A higher value allows for more parallel child activities,
which can improve performance by making the extraction process multi-threaded, but at the cost of generating more number of data
files. On the other hand, setting a value too low, such as 1 or 10, may result in the extract process functioning as a
single-threaded operation, potentially reducing performance.
Possible values: Integer ≥ 1
Default value: 100
Change effective: Next Execution
Access Mode: Protected
ohi.extract.datafilecount.notificationkey.<0>
This property controls the number of data files system generates for a specific notification key. The notification key replaces
the <0> used in the extract request. This property value also decides how many parallel child activities to be executed for
selection of the items to be extracted. A higher value allows for more parallel child activities, which can improve performance
by making the extraction process multi-threaded, but at the cost of generating more number of data files. On the other hand,
setting a value too low, such as 1 or 10, may result in the extract process functioning as a single-threaded operation,
potentially reducing performance.
Possible values: Integer ≥ 1
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.extract.datafilecount.resourcename.<0>
This property controls the number of data files generated for a specific resourcename/entity. The resourcename replaces the <0>
used in the extract request. This property value also decides how many parallel child activities to be executed for selection of
the items to be extracted. A higher value allows for more parallel child activities, which can improve performance by making the
extraction process multi-threaded, but at the cost of generating more number of data files. On the other hand, setting a value
too low, such as 1 or 10, may result in the extract process functioning as a single-threaded operation, potentially reducing
performance.
Possible values: Integer ≥ 1
Default value:
Change effective: Next Execution
Access Mode: Protected
ohi.extract.<0>.notification.endpoint
For sending out an extract completion notification for a specific notification key. The notification key replaces the <0>. An
example value would be http://machine.domain:port/notifications.
Possible values: String
Default value:
Change effective: Next Execution
Access Mode: Protected
Monitoring and Metrics
ohi.instrumentation.common.application.tag
Set to true to tag each metric with the name of the application.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.filter.ohi.nameprefix
Set to false to enable recording of non-OHI metrics.
Possible values: Boolean
Default value: true
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.gather.applicationmetrics
Set to true to enable recording of OHI metrics.
Possible values: Boolean
Default value: false
Change effective: Immediate
Access Mode: Public
ohi.instrumentation.gather.gc
Set to true to enable recording of garbage collection metrics.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.gather.jvm
Set to true to enable recording of JVM metrics.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.gather.system
Set to true to enable recording of system metrics.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.gather.<0>
Set to true to enable recording of metrics for the metric set. The placeholder value is the code of the metric set
Possible values: Boolean
Default value: true
Change effective: Immediate
Access Mode: Public
ohi.instrumentation.resourceclienttimer.segment.prefixes
Comma-separated list of resource path segment prefixes for resource client timers that the system interprets as not being the
last segment of the resource path.
Possible values: Comma-separated string, e.g. api,oig-api,policies-ws
Default value:
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.<0>.histogram
Determines whether to publish histogram buckets for the timer you configure.
Possible values: Boolean
Default value: false
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.<0>.percentiles
Percentiles for the timer you configure.
Possible values: Comma-separated string, e.g. 0.5,0.75,0.95,0.99
Default value:
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.<0>.regex
The system publishes data for the timer if the tag name that you specify as property ohi.instrumentation.<0>.regex.tagname
matches this regular expression.
Possible values: Regular expression
Default value:
Change effective: After Restart
Access Mode: Public
ohi.instrumentation.<0>.regex.tagname
Tag name subject to testing with the regular expression that you specify as property ohi.instrumentation.<0>.regex
. The system
publishes data for the timer if the tag name matches the regular expression.
Possible values: String
Default value:
Change effective: After Restart
Access Mode: Public
For ohi.instrumentation.gather.<0> the placeholder values are: "dylo", "activityprocessing", "extract", "persistence", "resource", "task", "springbatch", "datareplication".
|
See the Operations Guide for details about metric related properties.
Task Processing
ohi.taskprocessing.notification.endpoint
The URL to which notifications should be sent by OHI if the task is in PROCESSING/PENDING status for a longer period or if the
task is in ERRORED status. (Note that the maximum time a task can be in PROCESSING/PENDING status is configurable)
Possible values: String
Default value:
Change effective: Immediate
Access Mode: Public
ohi.taskprocessing.scheduler.frequency
Determines how frequently the scheduler should run.
Possible values: Integer ≥ 1
Default value: 3600
Change effective: Next Execution
Access Mode: Protected
ohi.taskprocessing.scheduler.pending.overhead
Determines the overhead in seconds over the pending time interval to check if a task is stuck in the PENDING status.
Possible values: Integer≥0
Default value: 600
Change effective: Immediate
Access Mode: Protected
ohi.taskprocessing.<0>.processing.timeinterval
The maximum time for which a task can be present in the PROCESSING status. The scheduler will recover the task if it is in
PROCESSING status for a time greater than this time interval. Allowable values are the ref_code’s: 'PolicyUpdateRequestPolling',
'DataReplicationTargetSynchronization', 'IntegrationEventAggregateCreator', 'IntegrationTransformation',
'RepublishingFailedMessages'. ref_code replaces <0>.
Possible values: Integer ≥ 1
Default value: 300
Change effective: Immediate
Access Mode: Protected