add Authorization section to configuration-jwt file

Signed-off-by: Andrew Jandacek <[email protected]>
zowe · Dec 19, 2023 · bbf2f7f · bbf2f7f
1 parent 4a428be
commit bbf2f7f
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/docs/user-guide/api-mediation/configuration-jwt.md b/docs/user-guide/api-mediation/configuration-jwt.md
@@ -41,4 +41,10 @@ For more information, see [Configure Passtickets](configuration-extender-passtic
     * **components.gateway.apiml.security.zosmf.applid**  
     If you use z/OSMF as an authentication provider, provide a valid `APPLID`. The API ML generates a passticket for the specified `APPLID` and subsequently uses this passticket to authenticate to z/OSMF. The default value in the installation of z/OSMF is `IZUDFLT`.
 
-3. Restart Zowe.
+3. Restart Zowe.
+
+## Authorization
+
+Authorization is a method used to determine access rights of an entity.
+
+In the API ML, authorization is performed by the z/OS security manager ([ACF2](https://www.broadcom.com/products/mainframe/identity-access/acf2), [IBM RACF](https://www.ibm.com/support/knowledgecenter/zosbasics/com.ibm.zos.zsecurity/zsecc_042.htm), [Top Secret](https://www.broadcom.com/products/mainframe/identity-access/top-secret)). An authentication token is used as proof of valid authentication. The authorization checks, however, are always performed by the z/OS security manager.