Remove Profile Tokens (QSYRMVPT) API
Required Parameter Group:
| 1 | Remove option | Input | Char(10) |
| 2 | Error code | I/O | Char(*) |
Optional Parameter:
| 3 | Profile token | Input | Char(32) |
Default Public Authority: *USE
Threadsafe: Yes
The Remove Profile Tokens (QSYRMVPT) API removes all profile tokens, removes all profile tokens for a specific user profile, or removes a specific profile token. When a profile token is removed, it is no longer valid for use with other profile token APIs.
This API can be used to remove all profile tokens on the system. This may be useful if the maximum number of profile tokens have been generated for the system (message CPF4AAA was sent or a PS-M security audit entry was sent). The most likely reason for this to happen is that someone is attempting to lock up parts of the system by generating multitudes of profile tokens. This API provides an alternative to restarting the system. After calling this API, the administrator may want to analyze the audit log to determine who is attempting to lock up the system.
This API can be used to remove all profile tokens that have been generated for a user profile. You may want to remove all profile tokens for a user profile if security information has changed for the user profile (for example, the password or group list).
Authorities and Locks
- Authority, if *ALL is specified
- *ALLOBJ and *SECADM
- Authority, if specific user is specified
- *SECADM
- User profile authority, if specific user is specified
- *OBJMGT and *USE
Required Parameter Group
- Remove option
- INPUT; CHAR(10)
Whether all profile tokens are being removed, all profile tokens for a given user are being removed, or a specific profile token is being removed.
One of the following values may be specified:
*ALL All profile tokens will be removed. *PRFTKN The specified profile token will be removed. If this value is specified, the optional parameter that contains the profile token must be specified. User name The name of the user profile for which to remove all profile tokens.
- Error code
- I/O; CHAR(*)
The structure in which to return error information. For the format of the structure, see Error code parameter.
Optional Parameter Group
- Profile token
- INPUT; CHAR(32)
The profile token to be removed. This parameter is required only if *PRFTKN is specified in the Remove option parameter. If the Remove option is not *PRFTKN and this parameter is specified, then this parameter must contain *NONE.
Error Messages
| Message ID | Error Message Text |
|---|---|
| CPF2204 E | User profile &1 not found. |
| CPF222E E | &1 special authority is required. |
| CPF2217 E | Not authorized to user profile &1. |
| CPF2225 E | Not able to allocate internal system object. |
| CPF2274 E | Profile token is not valid. |
| CPF3CF1 E | Error code parameter not valid. |
| CPF3C3C E | Value for parameter &1 not valid. |
| CPF3C90 E | Literal value cannot be changed. |
| CPF9872 E | Program or service program &1 in library &2 ended. Reason code &3. |
API introduced: V4R4
[ Back to top | Security APIs | APIs by category ]