For an application (TSO) that is not set up for pass ticket, selecting the session for this application fails after signing on to CA TPX with multi-factor authentication (MFA) pin and token:
IKJ56708I INVALID CURRENT PASSWORD
IKJ56703A REENTER THIS OPERAND -
Also no ACL, using G command to start session.
Signon works with a simple password as it always has, but not when using passcode (pin and token).
Within Profile Maintenance, the Application Session Options for this TSO session had specified: Session data: &userid/&pswd
Including &pswd within Session data or an ACL will not work for an application that is not enabled to use pass tickets when the user has signed on to TPX using multi-factor authentication.
By definition in this scenario, the MFA passcode entered to sign on to CA TPX is no longer valid for a subsequent application signon.