Multi-factor authentication (MFA) credentials for CICS Explorer connections
Authentication with MFA credentials can enhance sign-on security for CICS® management client interface (CMCI) connections to CICS regions. MFA requires a password or passphrase coupled with a dynamic authentication token to verify the user's identity.
Prerequisites of CICS TS
CMCI connections with MFA are supported in either a CICSPlex® SM or a single CICS region environment:
- For a CICSPlex SM environment
-
- The WUI region and CMAS must be running at the same CICS level that is CICS TS 5.4 with APAR PI87691 or later.
- The WUI region must be configured to use a CMCI JVM server and multi-factor authentication support is enabled on the server side. For instructions, see Configuring for CICS Explorer in the CICS TS product documentation.
- For a single CICS region
-
- The region must be at CICS TS 5.6 with APAR PH35122, or a later release.
- The region must be configured to use a CMCI JVM server. Multi-factor authentication support must also be enabled on the server side. For instructions, see Configuring for CICS Explorer in the CICS TS product documentation.
Prerequisites of CICS Explorer
- To connect to a CICSPlex SM environment
- Use CICS Explorer for Aqua 3.1 (Fix Pack 5.4.0.4) or a later release.
- To connect to a single CICS region
- All the in-service versions of CICS Explorer are supported.
How to connect to CICS using an MFA credential

When you connect to the CMCI connection with multi-factor authentication support, select to use the MFA credential you defined. When you are prompted to specify a password or passphrase, specify your password or passphrase coupled with an authentication token in the Password or Passphrase field. If you don't know how to concatenate your password or passphrase and the authentication token, ask your system administrator.

The token has an expiration period. When it expires, you are prompted to specify your password or passphrase with a new token.
For detailed instructions on configuring a CICS Explorer connection to CICS, see Connecting CICS Explorer to CICS systems.