rseapi.env, the RSE API configuration file

The RSE API server processes use the definitions in rseapi.env.

rseapi.env is located in /etc/zexpl/, unless you specified a different location when you customized and submitted the HUH.SHUHSAMP(HUHSETUP) job. For more details, see Customization setup. You can edit the file with the TSO OEDIT command.

See the following sample rseapi.env file, which can be customized to match your system environment. Default values are provided for all variables that are not explicitly specified. The syntax of the file follows standard z/OS® UNIX shell syntax rules. For example, comments start with a number sign (#) when using a US code page, and spaces around the equal sign (=) are not supported.

Note:
  • For your changes to take effect, the RSEAPI started task must be restarted.
  • The rse.env configuration file of requisite product IBM® Explorer for z/OS is processed before rseapi.env is processed. Therefore, in rseapi.env, you can use variables that are defined in rse.env.
  • Variable RSEAPI_CFG is set by the caller and can be used inside rseapi.env.
Figure 1. rseapi.env: RSE API configuration file
#
# rseapi.env - RSE API environment variables
#

#=============================================================
# optional definitions, defaults provided if not specified
#=============================================================

# Directory where RSE API is installed
#-------------------------------------------------------------
#RSEAPI_HOME=/usr/lpp/IBM/rseapi

# Directory where Java is installed (default set in rse.env)
#-------------------------------------------------------------
#JAVA_HOME=${JAVA_HOME:-/usr/lpp/java/J11.0_64}

# RSE API server and JES Job Monitor ports
#-------------------------------------------------------------
#RSEAPI_PORT_HTTP_1=6800
#RSEAPI_PORT_SHUTDOWN_1=60800
#RSEAPI_JMON_PORT_1=$_RSE_JMON_PORT

# Security class where HUH.* profiles are defined
#-------------------------------------------------------------
#RSEAPI_HUH_SAF_CLASS=${_RSE_FEK_SAF_CLASS:-FACILITY}

# Encrypted communication details
#-------------------------------------------------------------
# Use this for a SAF keyring owned by the started task user ID
#RSEAPI_KEYRING="SAF.ring"
# Use this for another SAF keyring or a keystore file
#RSEAPI_KEYSTORE_FILE="safkeyringjce://$(id -un)/$RSEAPI_KEYRING"
#RSEAPI_KEYSTORE_PASS="password"
#RSEAPI_KEYSTORE_TYPE="JCERACFKS"

# When using AT-TLS, the server must run with SECURE=false
#RSEAPI_USING_ATTLS=false

#RSEAPI_SSL_ENABLED_PROTOCOLS=TLSv1.2
#RSEAPI_SSL_CIPHERS=

# Directory where RSE API logs are stored
#-------------------------------------------------------------
#RSEAPI_LOGS=$RSE_LOGS

# Work directory for RSE API
#-------------------------------------------------------------
#RSEAPI_DATA=/var/zexpl/rseapi

# Work directory for Apache Tomcat server
#-------------------------------------------------------------
#RSEAPI_WORKDIR=$RSEAPI_DATA/rseapi_WORK

# Location of rse.env if not in $RSEAPI_CFG
#-------------------------------------------------------------
#RSE_CFG=

# Location for temporary catalina data
#-------------------------------------------------------------
#CATALINA_TMPDIR=$TMPDIR

# RSE API connector protocol
#-------------------------------------------------------------
#RSEAPI_HTTP_PROTOCOL=HTTP/1.1

# JWT support during port sharing
#-------------------------------------------------------------
#RSEAPI_SHARED_JWT_HMAC=false

# Maximum file size for GET request (in KB)
#-------------------------------------------------------------
#RSEAPI_MAX_FILE_SIZE_KB=3072

# Default host encoding
#-------------------------------------------------------------
#RSEAPI_HOST_ENCODING=IBM-1047

# Include tracing for exceptions in stderr
#-------------------------------------------------------------
#RSEAPI_TRACE_EXCEPTIONS=true

# Logging detail level for Apache Tomcat logger handles
# Value: {SEVERE|WARNING|INFO|CONFIG|FINE|FINER|FINEST|ALL}
#-------------------------------------------------------------
#RSEAPI_LOG_LEVEL=SEVERE

# Debug level of server common logging
# Value: {ERROR|WARN|INFO|DEBUG|EXCEPTION}
#-------------------------------------------------------------
#RSEAPI_SERVER_LOG_LEVEL=WARN

# Buffer size for rawContent uploads and downloads (in bytes)
#-------------------------------------------------------------
#RSEAPI_FILE_BUFFER_SIZE=51200

# User idle shutdown timeout (in ms)
#-------------------------------------------------------------
#DSTORE_IDLE_SHUTDOWN_TIMEOUT=3600000

# Override the option to use threaded miners. By default,
# RSE API creates a separate thread for each miner, per user.
# When set to false, the number of overall threads used is reduced.
#-------------------------------------------------------------
#DSTORE_USE_THREADED_MINERS=false

# Override RSE API authentication to use Zowe ML (for Zowe SSO scenarios)
# If Zowe ML is being used as a gateway, this option causes
# RSE API delegate authentication.  The ZOWE_ML variable needs
# to point to a valid Zowe ML URL of the form:
#     https://<host>:<port>/
#-------------------------------------------------------------
#ZOWE_ML=<Zowe ML Base URL>

# Override this option to specify a custom MVS mappings file
# location. The default location is:
#     $RSEAPI_CFG/mvsMappings.json
#-------------------------------------------------------------
#RSEAPI_MVS_MAPPING_FILE=<Path to mvsMappings JSON file>

# Use this option to specify cors.allowed.origins
# The value of an entry should be of the form:
#     http(s)://<host>:<port>
# For multiple origins, use comma separated values
#-------------------------------------------------------------
#CORS_ALLOWED_ORIGINS=http://localhost:8080

# Options to enable the redirect feature.
# 1. To enable the redirect filter. Default to false.
#    To enable the auto-scaling overflow feature. Default to false.
#-------------------------------------------------------------
#RSEAPI_REDIRECT_ENABLE=true
#RSEAPI_OVERFLOW_ENABLE=true

# 2. To define the overflow-servers chains.
#    Startup and shutdown port numbers of each server with the
#    specified server number must be defined correspondingly.
#
#    RSEAPI_OVERFLOW_FOR_n=m   # 'm' is direct overflow server
#                              # for server 'n'
#-------------------------------------------------------------
# For primary server number 1
#RSEAPI_OVERFLOW_FOR_1=2
#RSEAPI_OVERFLOW_FOR_2=3
#RSEAPI_OVERFLOW_FOR_3=4

# 3. To define the resource thresholds to monitor or to overflow
#    a request
#-------------------------------------------------------------
#RSEAPI_MAX_MEM_USED_PC=80
#RSEAPI_MAX_MEM_USED_PERIOD_SEC=60

#RSEAPI_MAX_USERS=50
#RSEAPI_MAX_THREADS=1200

# 4. To configure the checking interval and properties for the
#    direct overflow server.
#-------------------------------------------------------------
#RSEAPI_OVERFLOW_SPAWN_WAIT_MSEC=3000
#RSEAPI_OVERFLOW_CHECK_MINUTE=2
#RSEAPI_OVERFLOW_PORT_IN_USE_RECHECK=true


# Enable the following option to support trusted tcp/ip clients
# that are already logged into the same z/OS system.  In order for
# this to work, /usr/lib/libEZBTrustedPartner.so (or /usr/lib/libEZBTrustedPartner64.so)
# must be configured to be program controlled.  If you're not able to
# modify those files under /usr/lib, they could be copied and modified in
# a separate library that comes earlier in your LIBPATH
#-------------------------------------------------------------
#RSEAPI_SUPPORT_TRUSTED_TCP=true

# The SPIRIT settings are used to control memory cleanup within active
# user sessions.
# SPIRIT_INTERVAL_TIME indicates how long (in seconds) to wait before
# checking a queue of elements flagged for removal.
# SPIRIT_EXPIRY_TIME indicates how long (in seconds) to wait before a
# queued element is removed.
#-------------------------------------------------------------
#DSTORE_SPIRIT_ON=true
#SPIRIT_INTERVAL_TIME=60
#SPIRIT_EXPIRY_TIME=60


# Enable (TRUE) ISPF Interactive Gateway, default is set in rse.env.
#-------------------------------------------------------------
#CGI_CEATSO=TRUE

# Override the default ISPF Interactive Gateway setting for
# a specific server instance. i.e. CGI_CEATSO_<server number>=<TRUE|FALSE>
#-------------------------------------------------------------
#CGI_CEATSO_1=FALSE
#CGI_CEATSO_2=TRUE

# Disable (FALSE) ISPF Interactive Gateway keepalive, default is
# set in rse.env.
#-------------------------------------------------------------
#CGI_CEATSO_KEEPALIVE=FALSE

# Set fixed values for ISPF Interactive Gateway, default is in SAF
# TSO segment for user
#-------------------------------------------------------------
#RSEAPI_CGI_CEATSO_PROCNAME=
#RSEAPI_CGI_CEATSO_ACCOUNT_NUMBER=
#RSEAPI_CGI_CEATSO_GROUP_ID=
#RSEAPI_CGI_CEATSO_REGION_SIZE=

# Override fixed values for ISPF Interactive Gateway for a specific
# server instance. i.e. RSEAPI_CGI_CEATSO_<property>_<server number>
#-------------------------------------------------------------
#RSEAPI_CGI_CEATSO_PROCNAME_2=
#RSEAPI_CGI_CEATSO_ACCOUNT_NUMBER_2=
#RSEAPI_CGI_CEATSO_GROUP_ID_2=
#RSEAPI_CGI_CEATSO_REGION_SIZE_2=

# To enable the Common Properties service, this variable needs to
# set to a shared UNIX directory on the system.
#-------------------------------------------------------------
#RSE_COMMON_PROPERTIES=

# Override the Common Properties shared folder for a specific
# server instance.  i.e. RSE_COMMON_PROPERTIES_<server number>=
#-------------------------------------------------------------
#RSE_COMMON_PROPERTIES_1=
#RSE_COMMON_PROPERTIES_2=

# To enable the private Common Properties service, this variable
# needs to set to a UNIX directory relative to a given user
# home directory.  Private Common Properties for a user will be
# stored under /<user home>/RSE_COMMON_PROPERTIES_PRIVATE_RELATIVE
#-------------------------------------------------------------
#RSE_COMMON_PROPERTIES_PRIVATE_RELATIVE=private_common_properties

# To control cache validity period when using the Common Properties
# service, the following variable can be overridden.  This value
# is the time in milliseconds a cached version of a namespace will
# be considered valid.
#-------------------------------------------------------------
#RSE_COMMON_PROPERTIES_TIMEOUT=5000
The following definitions are optional. If omitted, default values are used.
RSEAPI_HOME
RSE API home directory. The default is the directory specified in the HOME variable of the RSEAPI started task (default /usr/lpp/IBM/rseapi). Uncomment and change to match your RSE API installation.
Note: RSE API startup will fail if RSEAPI_HOME is not equal to the HOME variable of the RSEAPI started task.
RSEAPI_PORT_HTTP_1
RSE API port for server 1. The default is 6800. Uncomment and change to match your setup.
Note:
  • Before selecting a port, verify that the port is available on your system by using the TSO commands NETSTAT and NETSTAT PORTL.
  • This port is used for client-host communication.
  • The number in this variable name (RSEAPI_PORT_HTTP_<num>) corresponds to the value of the SRVNUM variable in the started task. For example, RSEAPI_PORT_HTTP_3 is used when launching a server with SRVNUM=3. If you are starting RSE API via the z/OS UNIX command line, it corresponds to the value of the -P or -S startup argument.
RSEAPI_PORT_SHUTDOWN_1
RSE API shutdown port for server 1. The default is 60800. Uncomment and change to match your setup.
Note:
  • Before selecting a port, verify that the port is available on your system by using the TSO commands NETSTAT and NETSTAT PORTL.
  • This port is used to shut down the RSE API server via the z/OS Unix command line.
  • The number in this variable name (RSEAPI_PORT_SHUTDOWN_<num>) corresponds to the value of the SRVNUM variable in the started task. For example, RSEAPI_PORT_SHUTDOWN_3 is used when launching a server with SRVNUM=3. If you are starting RSE API via the z/OS UNIX command line, it corresponds to the value of the -P or -S startup argument.
RSEAPI_JMON_PORT_1

RSE API JES Job Monitor port for server 1. The default is the JES Job Monitor port from the base RSE configuration, for example defined with variable _RSE_JMON_PORT in rse.env. Uncomment and change to match the port number of a different specific JMON server.

Note: The number in this variable name (RSEAPI_JMON_PORT_<num>) corresponds to the value of the SRVNUM variable in the started task. For example, RSEAPI_JMON_PORT_3 is used for server with SRVNUM=3. If you are starting RSE API via the z/OS UNIX command line, it corresponds to the value of the -P or -S startup argument. If not set, the port from the base configuration will be used.
RSEAPI_HUH_SAF_CLASS

Specifies the security class where HUH.* profiles are defined. The default value depends on definitions in requisite product Z Explorer (FMID HALGxxx). If variable _RSE_FEK_SAF_CLASS is defined in rse.env, then the default matches the value of that variable, otherwise the default is FACILITY. Uncomment and change to use the specified value.

RSEAPI_KEYRING

Specifies the name of the SAF key ring that holds the server certificate and private key for HTTPS encrypted communication. The default value is SAF.ring. Uncomment and change to use the specified value.

Note: This variable is not used when the RSEAPI started task specifies SECURE='false' as startup argument.
RSEAPI_KEYSTORE_FILE

Specifies the name of the fully qualified SAF key ring or KeyStore file (deprecated) that holds the server certificate and private key for HTTPS encrypted communication. The default value is safkeyringjce://$(id -un)/$RSEAPI_KEYRING, which results in using the SAF key ring specified in variable RSEAPI_KEYRING, owned by the RSEAPI started task user ID. Uncomment and change to use the specified value.

Note: This variable is not used when the RSEAPI started task specifies SECURE='false' as startup argument.
RSEAPI_KEYSTORE_PASS

Specifies the password that is needed to access the KeyStore file (deprecated) referenced by variable RSE_API_KEYSTORE_FILE. When RSE_API_KEYSTORE_FILE references a SAF key ring, the value for RSEAPI_KEYSTORE_PASS must be password. Note that access to the SAF key ring is secured using security permits, not this password. The default value is password. Uncomment and change to use the specified value.

Note: This variable is not used when the RSEAPI started task specifies SECURE='false' as startup argument.
RSEAPI_KEYSTORE_TYPE
Specifies what type of SAF key ring or KeyStore file (deprecated) is referenced by variable RSE_API_KEYSTORE_FILE. The default value is JCERACFKS, which indicates a SAF key ring where the private key is stored in the security database. Uncomment and change to use the specified value.
Note: This variable is not used when the RSEAPI started task specifies SECURE='false' as startup argument.
RSEAPI_USING_ATTLS
When true, this variable specifies that Application Transparent Transport Layer Security (AT-TLS) is responsible for managing HTTPS encrypted communication, in which case the RSEAPI started task must specify SECURE='false' as startup argument. When false, the RSEAPI started task is responsible for managing HTTPS encrypted communication. Valid values are true and false. The default value is false. Uncomment and change to use the specified value.
Note: RSE API currently cannot detect if AT-TLS is actually encrypting the communication. It is up to the system administrator to ensure this is the case when RSEAPI_USING_ATTLS is set to true.
RSEAPI_SSL_ENABLED_PROTOCOLS
A comma (,) separated list of encryption protocol names that are supported for HTTPS encrypted communication. Valid values are defined by the IBMJSSE2 security provider and are documented in the Security Guide of IBM SDK, Java Technology. Note that the usage of keywords that represent multiple protocols is not supported. The default value is TLSv1.2, which results in accepting only the TLS v1.2 protocol. Uncomment and change to use the specified value.
Note: This variable is not used when the RSEAPI started task specifies SECURE='false' as startup argument.
RSEAPI_SSL_CIPHERS
A comma (,) separated list of encryption cipher suite names that are allowed for HTTPS encrypted communication. Valid values are defined by the IBMJSSE2 security provider and are documented in the Security Guide of IBM SDK, Java Technology. The default depends on the encryption protocol selected with variable RSEAPI_SSL_ENABLED_PROTOCOLS. Uncomment and change to use the specified value.
Note: This variable is not used when the RSEAPI started task specifies SECURE='false' as startup argument.
RSEAPI_LOGS
The root for the RSE API log directory. The default is $RSE_LOGS that is the root for the log directory used by the requisite product IBM Explorer for z/OS. The log of each instance of RSE API resides in $RSEAPI_LOGS/${RSEAPI_PORT_HTTP_<num>}.<num>. For example, if server 1 is on port 6800, then the logs will be in $RSEAPI_LOGS/6800.1.

Uncomment and change to use the specified path.

RSEAPI_DATA
RSE API data location. The default is /var/zexpl/rseapi. Uncomment and change to use the specified path.
Note: If you did not use the SHUHSAMP(HUHSETUP) sample job to build the customizable environment, verify that the last directory in the path specified in RSEAPI_DATA has read, write, and execute permission for owner, group, and other (permission bitmask 777).
RSEAPI_WORKDIR
RSE API work directory. The default is $RSEAPI_DATA/rseapi_WORK. Uncomment and change to use the specified path.
Note: If you did not use the SHUHSAMP(HUHSETUP) sample job to build the customizable environment, verify that the last directory in the path specified in RSEAPI_DATA has read, write, and execute permission for owner, group, and other (permission bitmask 777).
RSE_CFG
Directory holding rse.env, the configuration file of requisite product IBM Explorer for z/OS. The default is a null string, which results in using the value of variable RSEAPI_CFG. RSEAPI_CFG is set in the RSEAPI started task. Uncomment and change to match your z/OS Explorer setup.
Note: RSE API startup will fail if RSE_CFG is not equal to the RSECFG variable of the RSEAPI started task.
CATALINA_TMPDIR
Specifies the path used to store temporary files. The default is $TMPDIR. Uncomment and change to use the specified path.
RSEAPI_HTTP_PROTOCOL
RSE API protocol. The default is HTTP/1.1. Uncomment and change to match your setup.
RSEAPI_SHARED_JWT_HMAC

The RSEAPI started task supports using the OAuth Authorization Framework (RFC 6750), and using JSON Web Tokens (JWT) as Bearer tokens. Use RSEAPI_SHARED_JWT_HMAC to enable or disable a shared JWT among multiple RSEAPI started tasks that are port sharing. The default is false. Uncomment and specify true to enable this setting.

Note: When user ID & password are used for basic authentication, RSEAPI_SHARED_JWT_HMAC is not used.
RSEAPI_MAX_FILE_SIZE_KB
The maximum file size for the GET request in kilobytes. The default is 3072. Uncomment and change to use the specified value.
RSEAPI_HOST_ENCODING
The host encoding of remote z/OS resources. The default is IBM-1047. Uncomment and change to use the specified value.
RSEAPI_TRACE_EXCEPTIONS
When RSE API end points hit expected or unexpected exceptions, it can trace those exceptions to stderr. Use RSEAPI_TRACE_EXCEPTIONS to enable tracing to stderr. The default is false. Uncomment and specify true to enable this setting.
RSEAPI_LOG_LEVEL
Detail level for the Apache Tomcat logger. The default is SEVERE, which logs error messages only. Uncomment and change to use the specified value. Valid values are SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST, and ALL.

For more information about logging levels, see The Level class.

RSEAPI_SERVER_LOG_LEVEL
The detail level for RSE API common logs. The default is WARN, which logs warning and error messages only. Uncomment and change to use a specific value. Valid values are ERROR, WARN, INFO, DEBUG, and EXCEPTION.
Note: Higher log levels, such as INFO or DEBUG, might cause excessive server logging activity and performance degradation. Use these levels with caution.
RSEAPI_FILE_BUFFER_SIZE
The buffer size in bytes to use when uploading and downloading raw content. The default is 51200. Uncomment and change to use the specified value.
DSTORE_IDLE_SHUTDOWN_TIMEOUT
The option to disconnect users who are idle for the listed number of milliseconds. Default is 3600000 ms which equals to 1 hour. Uncomment and change to use the specified value.
DSTORE_USE_THREADED_MINERS
The option to use threaded miners. By default, it is set to true. RSE API creates a separate thread for each miner per user. To reduce the number of overall threads used, uncomment and overwrite to false.
ZOWE_ML
The option to use Zowe Mediation Layer for Zowe SSO scenarios as RSE API authentication. By default, the ZOWE_ML option is not set. If it is set, RSE API delegates authentication to the Zowe Mediation Layer. Any authentication calls are forwarded to Zowe Mediation Layer, and RSE API works with the Zowe Mediation Layer bearer tokens. The expected use case is for SSO scenarios where a user wants to use a single JWT for all host services, for example, with Zowe on-boarding.
The ZOWE_ML option needs to point to a valid Zowe ML URL of the form: https://<host>:<port>/. Uncomment and use the specified URL.
RSEAPI_MVS_MAPPING_FILE
The option to define the location of the MVS mappings file. The MVS mappings file describes how data sets and members map to host encodings, file extensions, and transfer types. When this option is not explicitly set, the default location is $RSEAPI_CFG/mvsMappings.json. When RSE APIs are used to download or upload MVS content, these mappings determine the defaults for the transfer mode and host encoding. A client can perform the following tasks:
  • Use the GET /datasets/mappings API to retrieve the all the mappings.
  • Use the GET /datasets/{dsn}/members API with the optional HTTP request header Mapping=true to include the corresponding mappings when retrieving a list of members.
If the MVS mappings file does not exist, RSE API generates a default file. The default file looks like this:
{
  "mappings": [
    {
      "extension": "cpy",
      "transfer": "text",
      "resource": "**CPY"
    },
    {
      "extension": "pli",
      "transfer": "text",
      "resource": "**PLI"
    },
    {
      "extension": "asm",
      "transfer": "text",
      "resource": "**ASSEMBLE"
    },
    {
      "extension": "obj",
      "transfer": "binary",
      "resource": "**OBJ"
    },
    {
      "extension": "exe",
      "transfer": "binary",
      "resource": "**LOAD"
    },
    {
      "extension": "cmd",
      "transfer": "text",
      "resource": "**CLIST"
    },
    {
      "extension": "jcl",
      "transfer": "text",
      "resource": "**JCL"
    },
    {
      "extension": "cmd",
      "transfer": "text",
      "resource": "**SIGYCLST"
    },
    {
      "extension": "jcl",
      "transfer": "text",
      "resource": "**CNTL"
    },
    {
      "transfer": "text",
      "resource": "**LISTING",
      "encoding": "IBM-1047"
    },
    {
      "extension": "out",
      "transfer": "text",
      "resource": "**OUTLIST"
    },
    {
      "extension": "inc",
      "transfer": "text",
      "resource": "**INCLUDE"
    },
    {
      "extension": "mac",
      "transfer": "text",
      "resource": "**MACRO"
    },
    {
      "extension": "rex",
      "transfer": "text",
      "resource": "**REXX"
    },
    {
      "extension": "rex",
      "transfer": "text",
      "resource": "**EXEC"
    },
    {
      "extension": "err",
      "transfer": "binary",
      "resource": "**ERRWDZ",
      "encoding": "UTF-16BE"
    },
    {
      "extension": "cpy",
      "transfer": "text",
      "resource": "**COPYLIB"
    },
    {
      "extension": "xml",
      "transfer": "text",
      "resource": "**XML",
      "encoding": "IBM-1047"
    },
    {
      "extension": "bms",
      "transfer": "text",
      "resource": "**BMS"
    },
    {
      "extension": "c",
      "transfer": "text",
      "resource": "**.C",
      "encoding": "IBM-1047"
    },
    {
      "extension": "cpp",
      "transfer": "text",
      "resource": "**.CPP",
      "encoding": "IBM-1047"
    },
    {
      "extension": "asm",
      "transfer": "text",
      "resource": "**ASM"
    },
    {
      "extension": "h",
      "transfer": "text",
      "resource": "**.H",
      "encoding": "IBM-1047"
    },
    {
      "extension": "hpp",
      "transfer": "text",
      "resource": "**.HPP",
      "encoding": "IBM-1047"
    },
    {
      "extension": "err",
      "transfer": "binary",
      "resource": "**ERRRDZ**",
      "encoding": "UTF-16BE"
    },
    {
      "extension": "scl",
      "transfer": "text",
      "resource": "**SCLLIB"
    },
    {
      "extension": "jcl",
      "transfer": "text",
      "resource": "**JCLLIB"
    },
    {
      "extension": "jcl",
      "transfer": "text",
      "resource": "**PROCLIB"
    },
    {
      "extension": "azucfg",
      "transfer": "binary",
      "resource": "**AZUCFG",
      "encoding": "UTF-8"
    },
    {
      "extension": "azures",
      "transfer": "binary",
      "resource": "**AZURES",
      "encoding": "UTF-8"
    },
    {
      "extension": "azugen",
      "transfer": "binary",
      "resource": "**AZUGEN",
      "encoding": "UTF-8"
    },
    {
      "extension": "azusch",
      "transfer": "binary",
      "resource": "**AZUSCH",
      "encoding": "UTF-8"
    },
    {
      "extension": "azutdt",
      "transfer": "binary",
      "resource": "**AZUTDT",
      "encoding": "UTF-8"
    },
    {
      "extension": "bzucfg",
      "transfer": "binary",
      "resource": "**BZUCFG",
      "encoding": "UTF-8"
    },
    {
      "extension": "bzures",
      "transfer": "binary",
      "resource": "**BZURES",
      "encoding": "UTF-8"
    },
    {
      "extension": "tdat",
      "transfer": "binary",
      "resource": "**DATA"
    },
    {
      "extension": "tmpl",
      "transfer": "binary",
      "resource": "**TEMPLATE"
    },
    {
      "extension": "mfs",
      "transfer": "text",
      "resource": "**TEMPLATE"
    }
  ],
  "default.encoding": "IBM-1047"
}
For example, if a data set is named HLQ.ABC.CPY, it maps to the resource pattern **CPY. When using a file transfer API, RSE API will default to the text mode with the default encoding. A data set named HLQ.XYZ.AZUGEN will map to the **AZUGEN resource pattern and will use the binary mode for file transfer.
You can customize this file to use mappings appropriate for a shop. On RSEAPI startup, the file is validated against the JSON schema. The schema is located in the tomcat.base/conf/MVSMapping-Schema.json file, which looks like as follows:
{
    "$schema": "http://json-schema.org/draft-06/schema#",
    "$ref": "#/definitions/FileSystemMapping",
    "definitions": {
        "FileSystemMapping": {
            "type": "object",
            "additionalProperties": false,
            "properties": {
                "mappings": {
                    "type": "array",
                    "items": {
                        "$ref": "#/definitions/Mapping"
                    }
                },
                "default.encoding": {
                    "type": "string"
                }
            },
            "required": [
                "default.encoding",
                "mappings"
            ],
            "title": "FileSystemMapping"
        },
        "Mapping": {
            "type": "object",
            "additionalProperties": false,
            "properties": {
                "extension": {
                    "type": "string"
                },
                "transfer": {
                    "$ref": "#/definitions/Transfer"
                },
                "resource": {
                    "type": "string"
                },
                "memberMappings": {
                    "type": "array",
                    "items": {
                        "$ref": "#/definitions/Mapping"
                    }
                },
                "encoding": {
                    "type": "string"
                }
            },
            "required": [
                "resource",
                "transfer"
            ],
            "title": "Mapping"
        },
        "Transfer": {
            "type": "string",
            "enum": [
                "text",
                "binary"
            ],
            "title": "Transfer"
        }
    }
}
CORS_ALLOWED_ORIGINS
The option to specify Cross-Origin Resource Sharing (CORS). CORS allows websites from one domain to access resources from another domain. You can use this option to configure a comma-separated list of domains that are sanctioned to access the server.

The value of an entry should be of the form: http(s)://<host>:<port>, for example, http://localhost:8080. For multiple origins, use comma (,) to separate values.

RSEAPI_REDIRECT_ENABLE
Enables the validation of resource usage against the threshold of a server accepting requests. The default is false. Set it to true to enable the feature.
RSEAPI_OVERFLOW_ENABLE
Enables the autoscaling feature for a server to forward requests when it reaches the resource usage threshold and cannot handle the requests. The default is false. Set it to true to enable the feature. You must set RSEAPI_REDIRECT_ENABLE to be true before enabling RSEAPI_OVERFLOW_ENABLE.
RSEAPI_OVERFLOW_FOR_n
The server number of the direct overflow server for the server number n.
Note: The ports of the servers with specified numbers must be defined. For example, RSEAPI_OVERFLOW_FOR_n=m denotes server m is the direct overflow of server n. The servers must be defined as in:
Server m:
RSEAPI_HTTP_PORT_n=<port_number> and RSEAPI_PORT_SHUTDOWN_n=<port_number>, corresponding to SERVER_NUM=n or SRVNUM used in the server started task
Server n:
RSEAPI_HTTP_PORT_m=<port_number> and RSEAPI_PORT_SHUTDOWN_m=<port_number>, corresponding to SERVER_NUM=m or SRVNUM used in the server started task
RSEAPI_MAX_MEM_USED_PC
The hard limit of memory usage percentage for a server. When the limit is reached and the server does not have an overflow server, it will stop accepting new incoming requests. The default value is 80%.
RSEAPI_MAX_MEM_USED_PERIOD_SEC
The time interval in sec that a server will check and validate on the hard limit of the used memory percentage. The default value is 60 sec.
RSEAPI_MAX_USERS
The maximum number of users sessions that a server can handle. The default is 50. The maximum is 100. When the number of user sessions exceeds this setting, the server redistributes the current incoming request to an overflow server if one is configured; otherwise, the server might deny the request.
RSEAPI_MAX_THREADS
The maximum number of active threads that a server can have at a time. The default is 1200. When the number of current active threads exceeds this setting, the server redistributes the current incoming request to an overflow server if one is configured; otherwise, it might deny the request.
RSEAPI_OVERFLOW_SPAWN_WAIT_MSEC
After a direct overflow server is restarted, the wait time before a server sends status checking requests to the direct overflow server to check if the overflow server can accept requests. The default value is 3000 milliseconds.
RSEAPI_OVERFLOW_CHECK_MINUTE
The expiration period of the cache for the active status of a direct overflow server. The default is 2 minutes.
RSEAPI_OVERFLOW_PORT_IN_USE_RECHECK
To enable a recheck on the status of the overflow port for a server to retry the spawning of its overflow if the port is currently in use by other applications.
RSEAPI_SUPPORT_TRUSTED_TCP
Option to authenticate using Trusted TCP. When the option is enabled and the communication partner is active on the local z/OS system, TCPIP can provide RSE API with the user ID of the communication partner, avoiding the need for the partner to authenticate. By default, the option is disabled, but you can enable it by using the following option:
RSEAPI_SUPPORT_TRUSTED_TCP=<true|false>
Note: /usr/lib/libEZBTrustedPartner.so and /usr/lib/libEZBTrustedPartner64.so must be marked program controlled for this service to work. Sample command: extattr +p /usr/lib/libEZBTrustedPartner.so /usr/lib/libEZBTrustedPartner64.so.
DSTORE_SPIRIT_ON
Spiriting is the name of a mechanism used by z/OS Explorer to safely clean up the memory used by active user sessions. For 1.0.8 and later versions, the option is enabled by default. System programmers can customize the interval and expiry time (in seconds) although changing these settings is not recommended.
DSTORE_SPIRIT_ON=<true|false>
SPIRIT_INTERVAL_TIME=<num> (60 by default)
SPIRIT_EXPIRY_TIME=<num> (60 by default)
SPIRIT_INTERVAL_TIME
Indicates how long (in seconds) to wait before checking a queue of elements flagged for removal.
SPIRIT_EXPIRY_TIME
Indicates how long (in seconds) to wait before a queued element is removed.
CGI_CEATSO_KEEPALIVE
Prevent an idle Interactive ISPF Gateway session from timing out after 15 minutes. The default is inherited from the definition in rse.env. Uncomment and specify FALSE to allow the session to time out when not used.
CGI_CEATSO
Use the Interactive ISPF Gateway for TSO sessions. The default is inherited from the definition in rse.env. Uncomment and specify TRUE to use the Interactive ISPF Gateway instead of the Legacy ISPF Gateway. For more information, see (Optional) Interactive ISPF Gateway.
Note:
  • As of z/OS 2.2, Legacy ISPF Gateway, previously named TSO/ISPF Client Gateway, is deprecated and is no longer being enhanced. The functionality is now provided by the Interactive ISPF Gateway.
  • Interactive ISPF Gateway requires z/OS 2.2 and the Common Event Adapter (CEA) TSO/E address space manager service.
RSEAPI_CGI_CEATSO_n
You can enable and disable the CEA interactive TSO for specific servers. For example, three servers are using this rseapi.env, including server 1, server 2, and server 3.
The following block shows that server 3 does not have an override, and thus uses the default, which is legacy TSO due to the CGI_CEATSO=FALSE definition:
CGI_CEATSO =FALSE
CGI_CEATSO_1 =TRUE
CGI_CEATSO_2 = TRUE
The following block shows the interactive TSO options for server 1:
# CEA options for server 1
RSEAPI_CGI_CEATSO_PROCNAME_1=IZUFPROC
RSEAPI_CGI_CEATSO_ACCOUNT_NUMBER_1=ACCT#
RSEAPI_CGI_CEATSO_GROUP_ID_1=USRGRP
RSEAPI_CGI_CEATSO_REGION_SIZE_1=0
The following block shows the different interactive TSO options for server 2:
# CEA options for server 2
RSEAPI_CGI_CEATSO_PROCNAME_2=TSOTSO
RSEAPI_CGI_CEATSO_ACCOUNT_NUMBER_2=ACCT#
RSEAPI_CGI_CEATSO_GROUP_ID_2=USRGRP
RSEAPI_CGI_CEATSO_REGION_SIZE_2=0
RSEAPI_CGI_CEATSO_PROCNAME
Specify a fixed value for the TSO logon procedure used by the Interactive ISPF Gateway. The default is inherited from the user’s SAF TSO segment. Uncomment and change to use the specified value.
RSEAPI_CGI_CEATSO_ACCOUNT_NUMBER
Specify a fixed value for the TSO account number used by the Interactive ISPF Gateway. The default is inherited from the user’s SAF TSO segment. Uncomment and change to use the specified value.
RSEAPI_CGI_CEATSO_GROUP_ID
Specify a fixed value for the TSO group ID used by the Interactive ISPF Gateway. The default is inherited from the user’s SAF TSO segment. Uncomment and change to use the specified value.
RSEAPI_CGI_CEATSO_REGION_SIZE
Specify a fixed value for the TSO region size used by the Interactive ISPF Gateway. The default is inherited from the user’s SAF TSO segment. Uncomment and change to use the specified value.
RSEAPI_CGI_CEATSO_PROCNAME_n
For a specific server, specify a fixed value for the TSO logon procedure used by the Interactive ISPF Gateway. The default is specified in RSEAPI_CGI_CEATSO_PROCNAME. Uncomment and change to use the specified value.
RSEAPI_CGI_CEATSO_ACCOUNT_NUMBER_n
For a specific server, specify a fixed value for the TSO account number used by the Interactive ISPF Gateway. The default is specified in RSEAPI_CGI_CEATSO_ACCOUNT_NUMBER. Uncomment and change to use the specified value.
RSEAPI_CGI_CEATSO_GROUP_ID_n
For a specific server, specify a fixed value for the TSO group ID used by the Interactive ISPF Gateway. The default is specified in RSEAPI_CGI_CEATSO_GROUP_ID. Uncomment and change to use the specified value.
RSEAPI_CGI_CEATSO_REGION_SIZE_n
For a specific server, specify a fixed value for the TSO region size used by the Interactive ISPF Gateway. The default is specified in RSEAPI_CGI_CEATSO_REGION_SIZE. Uncomment and change to use the specified value.
RSE_COMMON_PROPERTIES
RSE API provides a Common Properties service. This mechanism allows authenticated users to store and retrieve generic data amongst team members in a flexible, shareable manner via REST API calls. The APIs allow users to access and manipulate namespaces and the JSON data contained within each. Namespaces are physically stored as JSON files in a shared z/OS UNIX folder specified by an administrator. To enable this service, set the RSE_COMMON_PROPERTIES environment variable to a path of a folder accessible by the intended users:
RSE_COMMON_PROPERTIES=<path>
This service is designed to be used like a "bulletin board" for basic information sharing purposes. For example, it can be used for sharing various service ports and installation directories. Common Properties resources should be considered non-restrictive and mutable by authenticated users. As such, this service is amenable to informal data sharing but should not be treated as a formal database substitute.
RSE_COMMON_PROPERTIES_n
Use this variable to override the Common Properties shared folder for specific servers. For example, 
#RSE_COMMON_PROPERTIES_1=
#RSE_COMMON_PROPERTIES_2=
RSE_COMMON_PROPERTIES_PRIVATE_RELATIVE
To enable the private Common Properties service, set this variable to a UNIX directory relative to a given user home directory. The private Common Properties for a user is stored in /<user home>/RSE_COMMON_PROPERTIES_PRIVATE_RELATIVE.
RSE_COMMON_PROPERTIES_TIMEOUT
To control cache validity period when using the Common Properties service, the following variable can be overridden. This value is the time in milliseconds a cached version of a namespace is considered valid.