Can CA Top Secret act as an Authorization server in an OAuth 2.0 environment?

Document ID : KB000115452
Last Modified Date : 26/09/2018
Show Technical Document Details
Introduction:
OAuth 2.0 is an authorization framework that enables a third-party application to request an HTTP service with limited access permission, either on behalf of a resource owner, or on behalf of the third-party client itself. In z/OS Connect EE, OAuth 2.0 is applied when a z/OS application calls an API from a request endpoint.

The following link contains an illustration of how OAuth 2.0 works in z/OS Connect EE

https://www.ibm.com/support/knowledgecenter/en/SS4SVW_3.0.0/facilitating/oauth_workflow.html

In the illustration there is a box for a component named 'Authorization server'

Can CA Top Secret be an authorization server OAuth2 for z/OS Connect EE ?

 
Question:
Can CA Top Secret act as an authorization server in an OAuth2 for z/OS Connect EE environment ?
Answer:
The application must have the ability to  issue RACROUTE calls or ldap calls to talk to CA Top Secret. 

Please check with the vendor to see if it has this capability.

If they provide documentation using IBM RACF as the authorization server, we can convert the RACF commands to TSS commands.