Session authorization data can be modified during any of the calls. The data passed to the exit will be either the data provided by an earlier exit invocation or the vector header with a data length of zero. The storage following the vector might contain residual data from prior exit invocations.

The single-byte data length and maximum 253-byte data field can be created or modified. Modified data is passed to the PLU on session setup as part of the CINIT. The data passed to the exit during Virtual Route selection and Initial Accounting can be modified, but the modifications are not passed to the PLU application or other SSCPs. Instead, they are passed during the Final Accounting call.

Once included by an SME, the vector cannot be removed before the Initial Accounting call. This is necessary to allow the code to detect a migration host in the session-setup path. If an exit needs to remove the data before Initial Accounting, it sets the length to one byte and the data byte to zero. Unless the exit takes explicit action, the data is freed automatically at the time of Initial Accounting so that hosts that do not want the data saved do not have to add code to their exits.

VTAM® frees the data if the exit is not being called for accounting or if the X'80' bit in byte zero of the session authorization data is used by VTAM as a KEEP flag. To free the data, VTAM initializes the bit to zero. To save the data for Final Accounting, VTAM turns on the bit when the exit is called for Initial Accounting.