IBM Support

Prerequisites for Multi-Factor Authentication in CICS Explorer

Technote (FAQ)


What are the system prerequisites and requirements to use Multi-Factor Authentication (MFA) with CICS Explorer?


Enabling Multi-Factor Authentication requires updates to both CICS Transaction Server for z/OS (CICS TS) and the CICS Explorer. MFA is supported by the CICS management client interface (CMCI) connection to CICS TS and by the z/OS Remote System (RSE) connection to z/OS.


CICS Explorer can use MFA to connect to CICS TS using the CMCI connection type. The CMAS and the WUI region must be at CICS TS 5.4 with APAR PI87691 installed, but application owning regions (AORs) can be at older releases of CICS TS.

Prior to configuring MFA credentials, configure the WUI region to accept MFA tokens. For more information see Configuring for CICS Explorer sign-on with Multi-Factor Authentication in the CICS TS 5.4 documentation.

You must use CICS Explorer or newer to make MFA connections. To connect to CICS with MFA, the CMCI connection must be used. To connect to z/OS with MFA (for example, to export bundles to zFS), the z/OS Remote System (RSE) connection must be used.

Use the Host Connections view to define CMCI connections and associated MFA credentials. Create a new credential first, choosing "Username with Multi-Factor Authentication" as your credential type. Each time you connect, you will be prompted to enter your password and token combination. When your session expires, you will be disconnected automatically.

The z/OS Remote System (RSE) connection username and password is configured separately when you connect to a remote system. You will be prompted for your password and token combination as required.

Related information

Latest version of CICS Explorer and CICS Tools plug-ins

Product Alias/Synonym

CICS/TS CICS TS CICS Transaction Server

Document information

More support for: CICS Transaction Server

Software version: 5.4

Operating system(s): Linux, Windows

Software edition: Not Applicable

Reference #: 2011867

Modified date: 11 January 2018