3 years ago

Category: Software, Data, automation

Gregory MacKinnon’s article titled Zowe API security and Dan Kelosky’s article titled Zowe CLI: Token Authentication, MFA, and SSO provide an important foundational understanding of security concepts that lead to Zowe CLI’s use of tokens to authenticate a user. In this article I describe the reasons why token handling is important for the Zowe CLI, how tokens operate in the CLI, and how consumers configure and use tokens.

The following options can be stored in a base profile: For example, if you have a mainframe user name and password that gives you access to every service at your site, it is much easier to maintain the user name and password in your one base profile, rather than duplicating the user name and password in every one of your service profiles.

Zowe CLI’s choice to use user name & password when they are available over any existing token, would enable zosmf and Endevor to use the token for single sign-on while the third service continues to use a user name and password (no single sign-on).

For example if no user name and password were supplied to a command, a command’s response previously looked like this: A new feature for Zowe commands is that they will prompt for the following options, when any of the options have not been supplied.