Using ESI to manage passwords

ESI provides a security management API which can be used to manage the user IDs and passwords that the ECI uses.

The user application can perform the following functions:

Verify that a password matches the password or password phrase recorded by the CICS® External Security Manager (ESM) for a specified user ID.
Change the password or password phrase recorded by the CICS ESM for a specified user ID.
Determine if a user ID is revoked, or a password or password phrase has expired.
Obtain additional information about a verified user such as:
- When the password or password phrase is due to expire
- When the user ID was last accessed
- The date and time of the current verification
- How many unauthorized attempts there have been for this user since the last valid access

To use the ESI interface, CICS Transaction Gateway must be connected to the CICS server with IPIC. An ESM, such as Resource Access Control Facility (IBM® RACF®), which is part of the IBM z/OS® Security Server, or an equivalent ESM, must also be available to the CICS server.