In z/OS 2.4, RACF introduced a new assertion mechanism, the JSON Web Token, also known as an Identity Token, which can be used to validate distributed users who have a valid RACF user id and provide a secure way to logon to the database server without specifying a password.
Starting in TTU 17.20, z/OS TPT users employing Gateway-mediated CLI can use the new RACFJWT logon mechanism that supports Identity Token.
To use the functionality in a Teradata PT job, you need to:
- Set the TPT's TD_LOGON_MECH option to 'RACFJWT'.
- Set the TPT's TD_USER_NAME option to a valid value.
- Do not set a value for the TPT's TD_USER_PASSWORD option.
- Link the TPTAPI application with the "ac=1" option.
The functionality applies to the following TPT components:
- Load operator
- Export operator
- Stream operator
- Update operator
For more details on the functionality, see "Teradata Call-Level Interface Version 2 Reference for Workstation-Attached Systems".