IBM Support

Multi-Factor Authentication (MFA) support in IBM Explorer for z/OS and IBM Developer for z Systems

Product Documentation


Abstract

This document describes basic requirements and expected behaviors under the MFA support in IBM Explorer for z/OS and IDz.

Content

IBM Explorer for z/OS (z/OS Explorer) added support for Multi-Factor Authentication (MFA) in September 2017.

  • v3.0.1.13 PTF UI50538
  • v3.1.1.1 PTF UI51053

This information documents basic requirements and expected behaviors:
  • MFA must be configured to allow for Passticket usage after initial authentication.
  • Passtickets will be used during the whole lifetime of a user session, so the window in which Passtickets are accepted after initial authentication should be big enough to cover a typical workday, and must be at least long enough to cover the logon process.
  • Once Passticket usage fails, the client connection will be severed and the user must re-logon (and thus re-authenticate). This behavior is similar to users being disconnected due to inactivity time-out.
  • If MFA is set up to prompt for a second authentication, it will show to the user as though the first authentication failed, even if it was successful.

IBM Developer for z Systems (IDz) relies on z/OS Explorer for authentication, and is therefore able to support MFA without additional requirements, except the requirement for a z/OS Explorer service level that supports MFA.

Original Publication Date

15 June 2018

[{"Product":{"code":"SSJK49","label":"IBM Developer for z Systems"},"Business Unit":{"code":"BU011","label":"Systems - zSystems"},"Component":"Not Applicable","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"14.0.0.6;14.1.0;14.1.1;14.1.2;14.1.3","Edition":"Edition Independent;Enterprise"},{"Product":{"code":"SSBDYH","label":"IBM Explorer for z\/OS"},"Business Unit":{"code":"BU011","label":"Systems - zSystems"},"Component":" ","Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"3.1.0;3.1.1","Edition":"All Editions"}]

Document Information

Modified date:
02 August 2018

UID

swg27051221