Authentication IBM data server driver configuration keyword

Specifies the type of authentication to be used with file DSN or DSN-less connectivity.

Important: The SERVER_ENCRYPT authentication type is deprecated, and the SERVER_ENCRYPT_AES authentication type will not work in strict FIPS mode when FIPS 140-3 certified cryptographic modules are introduced in a future version of Db2. For more information on the deprecation, see Authentication methods for your server.
Equivalent CLI keyword
Authentication
Equivalent IBM Data Server Provider for .NET connection string keyword
Authentication
IBM® data server driver configuration keyword syntax
<parameter name="Authentication" value="CERTIFICATE | SERVER | SERVER_ENCRYPT | SERVER_ENCRYPT_AES | KERBEROS | GSSPLUGIN | TOKEN"/>
Note: The TOKEN option is available starting from Db2® version 11.5.4.
Default setting:
Not Specified
Usage notes:

If the Authentication keyword is set to KERBEROS, you must also set the TargetPrinciple keyword.

You can specify the SSL client authentication by setting the Authentication keyword to the CERTIFICATE value for connection to Db2 for z/OS servers with following conditions:
  • A connection to the server must be established with the CLI driver or IBM Data Server Provider for .NET. The CERTIFICATE authentication is specific to CLI, ODBC, or .NET connections.
  • Db2 for z/OS server must be Version 10 or later. If you are connecting to Db2 for z/OS Version 10 server, Known Issue PM53450 must be installed.
  • Connections to Db2 for z/OS server must be a direct connection between a client and supported Db2 for z/OS server. You cannot use Db2 Connect server as a gateway to establish connection to target Db2 for z/OS servers.
  • The SSLCLientLabel keyword must set.
  • A connection to supported Db2 for z/OS servers must be made with the application connection string or with the IBM data server driver configuration file. For the CLI driver connection, you can use the db2cli.ini file instead of the IBM data server driver configuration file. You cannot use the local database catalog to establish connections to Db2 for z/OS servers.
  • You cannot specify a user password.
  • For more information about the values SERVER, SERVER_ENCRYPT, SERVER_ENCRYPT_AES, KERBEROS, see Authentication types supported with Db2 Connect Server.