Verify security requirements

Db2® Automation Expert requires no extra security measures outside of standard Db2 security.

If your site uses ACF2 to restrict TSO command use, you may need to add the TSO commands that Db2 Automation Expert uses to the ACF2 Command Limiting table. The TSO commands that Db2 Automation Expert uses are: DAJ$MAIN, DAJ@BULD, and FECDBCX.

About multi-factor authentication support

The primary user interface to Db2 Automation Expert is through its ISPF application, which has multi-factor authentication (MFA) support through TSO logon processing. All authentication is done before Db2 Automation Expert is invoked and no additional MFA processing is necessary.

The Db2 services that are used by Db2 Automation Expert are invoked using the standard attachment facilities. For the stored procedures that can be accessed by REST services, the authentication is done by Db2.

For additional information, refer to the following related topics: