The AUTH keyword on the CONSOLE statement of CONSOLxx allows you to control the command authority of your full-capability consoles so that the system accepts commands defined by command group that you assign for the console. For example, consoles with master authority can issue all commands, including those that affect other consoles (including extended MCS consoles). On the other hand, a console used only to issue I/O commands, such as PURGE, MOUNT, and UNLOAD, needs the authority to issue only certain commands. For this reason, MVS™ commands are grouped into system command groups that allow you to control which commands operators can issue from any given console.
For a list of the commands in each group see system command group information in z/OS MVS System Commands. (For information about JES commands, see z/OS JES2 Commands or z/OS JES3 Commands.)
Operators can use the VARY CN command to change AUTH.
An operator can enter informational commands from any full-capability console. You can specify any combination of SYS, IO, and CONS together on the AUTH keyword so that an operator can enter these commands (along with informational commands) from the console. If an operator enters a command at a console where it is not authorized, MVS rejects the command and sends an error message to the issuing console.
Because consoles can receive messages based on assigned routing codes and message levels, ensure that the console has the proper authority for the operator to be able to respond to the message. For a description of message routing codes and levels, see Message and command routing.