API requester authorization
Learn how IBM® z/OS® Connect authorizes access to invoke API requesters.
WAR files contain a security constraint that requires the user ID invoking the
API requester to be authenticated and authorized to
invoke role. This security is only enforced when the
appSecurity-2.0 feature is configured in the IBM z/OS Connect server. The
applies to all operations in an API requester
Users and groups can be authorized to the API requesters
invoke role by using either SAF EJBROLE profiles or by binding the users or groups
to the authorization role in the configuration file.