IBM MQ Console and REST API security
Security for the IBM® MQ Console and the REST API is configured by editing the mqweb server configuration in the mqwebuser.xml file.
About this task
You can track user actions and audit the use of the IBM MQ Console and the REST API by examining the log files of the mqweb server.
- Basic registry
- LDAP registry
- Local OS registry
- SAF on z/OS®
- Any other registry type supported by WebSphere® Liberty
Roles can be assigned to IBM MQ Console users, and to
REST API users to determine what level of access they
are granted to IBM MQ objects. For example, to perform
messaging, users must be assigned the MQWebUser
role. For more information about
the available roles, see Roles on the IBM MQ Console and REST API.
After a user is assigned a role, there are a number of methods that can be used to authenticate the user. With the IBM MQ Console, users can log in with a user name and password, or can use client certificate authentication. With the REST API, users can use basic HTTP authentication, token based authentication, or client certificate authentication.