Enable User Access to MODHLI Data Sets

Web Services › How to Enable Security Access to Web Services › Enable User Access to MODHLI Data Sets

Enable User Access to MODHLI Data Sets

To enable client programs to access the API, your security administrator may need to enable user access to MODHLI data sets. The CA Endevor SCM administrator must determine the security requirements for MODHLI data sets.

Follow these steps:

Ask your CA Endevor SCM administrator if MODHLI is coded in the CA Endevor SCM C1DEFLTS table.
- If the MODHLI value is coded, you must grant all user IDs access to all data sets with the MODHLI high-level qualifier (HLQ). This requirement applies to access under all security products including RACF, CA Top Secret, or CA ACF2.
  The reason for this requirement is as follows. For a client program to access the API, the user ID sent to CAICCI to spawn the pool STCs and the user IDs that issue requests to Web Services must have read/write access to these data sets. To enable this, the MODHLI parameter causes the data set names to be built with this format:
```
modhli.Dyyddd.Thhmmss.STCnnnnn.ddname
```
  STCnnnnn, ddname
  
  The job ID and ddname that is the unique qualifier for one of the nine API related files (APIMSGS, C1MSGS1, and so on).
- If a MODLHI value is not coded, then security is not affected, because the temporary data sets names are built by the operating system with the standard temporary data set HLQ in the following format: SYSyyddd.Thhmmss.RA000.jobname.nnnnnn
Configure your security software to grant all user IDs access to all data sets with the MODHLI high-level qualifier (HLQ), if the MODHLI value is coded in C1DEFLTS.