To allow CICS® users to logon without a password, define a profile in the FACILITY class to protect the ARS.CICSUNIF resource and grant users READ access. Only users that are allowed to view documents by using the CICS client should be allowed access to this resource. Specifically, users with Content Manager OnDemand administrative capabilities should be prohibited from using this resource. That is because the authentication used for the CICS client is not as strong as PassTickets. More specifically, the UTOKEN of the CICS client is sent to the server. This UTOKEN is then converted to external format by using a RACROUT REQUEST=TOKENMAP and examined. If the UTOKEN appears correct and is permitted read access to the ARS.CICSUNIF resource in the FACILITY class, the login is allowed.