Define the application protection for Debug Profile Service

This section provides a few RACF commands that define the security controls for the application ID (APPLID) EQAAPPL. It specifies the users or groups that can access the APPLID and EQAAPPL during SAF JSON Web Token (JWT) authentications. For more information on the security requirement, see Adding support for Authentication Service API.

You must activate the APPL class:

SETROPTS CLASSACT(APPL)
SETROPTS RACLIST(APPL) REFRESH

Allow any user to access EQAAPPL

You can allow any user to access EQAAPPL by using the following universal configurations:

Create a profile in the APPL class:

RDEFINE APPL EQAAPPL UACC(READ) DATA('Debug Profile Service')

Implement the APPL changes:
```
SETROPTS RACLIST(APPL) REFRESH
```
List the details of the resource:
```
RLIST APPL EQAAPPL
```

Restrict access to EQAAPPL

You can restrict any user from accessing EQAAPPL by using the following configurations:

Create a profile in the APPL class:

RDEFINE APPL EQAAPPL UACC(NONE) DATA('Debug Profile Service')

Provide STCEQA READ access:

PERMIT EQAAPPL CLASS(APPL) ID(userid or groupname) ACCESS(READ)

Implement the APPL changes:
```
SETROPTS RACLIST(APPL) REFRESH
```
List the details of the resource:
```
RLIST APPL EQAAPPL
```