Calling secured APIs

To call an API that is secured with an OAuth 2.0 access token, an API key, or a JSON Web Token (JWT), you might need to specify security parameters in your z/OS application.

Prerequisites: Follow the instructions in Developing z/OS applications to call APIs to learn how to modify a z/OS application to call an API.

API keys

To call an API that is secured with an API key, the API key definition can be provided either in the OpenAPI file or in the z/OS Connect com.ibm.zosconnect.requester Gradle plug-in properties. In either case, the Gradle plug-in generates a request data structure containing fields in which the API key value can be set by your CICS® application.

OAuth 2.0

For information on OAuth 2.0 support within z/OS Connect, see Calling an API secured with OAuth 2.0.

For information about the OAuth 2.0 parameters that can be set in your application, see OAuth 2.0 parameters.

JSON Web Token (JWT)

If your API requires a JWT for authentication, z/OS Connect can either retrieve a JWT from an authentication server or generate a JWT locally. If the JWT is retrieved from an authentication server, the user credentials can be provided in your z/OS application. For more information, see JWT parameters. If the JWT is generated locally, the z/OS Connect server must be configured to require authentication of the Host API request.