The second part of the URI must be authrec to call the AuthorityRecordController. This controller can be used to get attributes of authority records.

AuthorityRecordController is not available for z/OS.


Get information about one or more authority records. This action executes the MQCMD_INQUIRE_AUTH_RECS pcf command. On success, the returned JSON object will have a data array, on failure an error object.

URL Parameters



The name of the queuemanager. This parameter is required!


This parameter is the name of the profile for which to retrieve authorizations. Generic profile names are supported. When this parameter is used, the ProfileName query parameter is ignored. This parameter is optional.

Query Parameters


Depending on the value of EntityType this value means: a principal name or a group name.


Type of the entity: Group or Principal. The value is case-sensitive.


The type of object referred to by the profile. Possible values are : All, Authentication Information, Channel, Client-connection Channel, Communication Information, Listener, Namelist, Process, Queue, Queuemanager, Remote Queuemanager, Service or Topic. The value is case-sensitive.


Options can be set to control the set of authority records that is returned. Options can be passed multiple times. Possible values are:

The values are case sensitive.


With the ProfileAttrs parameter you can specify which attributes must be returned from the PCF command. Multiple occurences of this parameter are possible. The value must be a (case-sensitive) valid attribute name.

Attrs is a synonym for ProfileAttrs


The name of the profile for which to retrieve authorizations. When a ProfileName is passed as part of the URL, this query parameter will be ignored. A profilename is not required when ObjectType is Queuemanager.


Name of the service component.



	 * Inquire all authority records for queuemanager PIGEON.
	 * MQWeb runs on localhost and is listening on port 8081. 
	$url = "http://localhost:8081/api/authrec/inquire/PIGEON/?Options=Name%20All%20Matching&Options=Entity%20Explicit";

	$curl = curl_init();
	curl_setopt($curl, CURLOPT_URL, $url);
	curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);

	if ( ($response = curl_exec($curl)) === false )	{
		$err = curl_error($curl);
		echo "An HTTP error occurred while getting authority records: $err\n";
	else {
		$json = json_decode($response);
		if ( isset($json->error) ) {
			echo "An MQ error occurred while inquiring authority records.\n";
			echo "Reason Code: {$json->error->reason->code} - {$json->error->reason->desc}\n";
		else {
			if ( isset($json->data) && count($json->data) > 0 ) {
				foreach($json->data as $authrec)
					echo $authrec->ProfileName->value;
					echo '(';
					echo $authrec->ObjectType->display;
					echo ')';
					echo ' - ';
					echo $authrec->EntityName->value;
					echo "\n";
					$authorizations = array();
					foreach($authrec->AuthorizationList->value as $authorization)
						$authorizations[] = $authorization->display;
					echo "   ";
					echo join(', ', $authorizations);
					echo "\n";
				echo "No authority records found\n";

JSON Object

When using an application/json POST request you can post a JSON object with names like the query parameters.

All URL parameters and query parameters are ignored except for the URL parameter for the name of the queuemanager.

There are some differences between query parameters and a JSON object:

use strict;
use warnings;
use feature qw(say);

use JSON;
use LWP::UserAgent;
use HTTP::Request::Common;

# This sample will show all SYSTEM authentication information objects.

my $qmgr = shift;
die("Please pass me the name of a queuemanager as argument") 
	unless defined($qmgr);

my $json = JSON->new;

my %input = ( 
	'AuthInfoName' => 'SYSTEM*'
my $content = $json->encode(\%input);    

my $ua = LWP::UserAgent->new;
my $req = POST 'http://localhost:8081/api/authinfo/inquire/' . $qmgr;
	'Content-Type' => 'application/json',
	'Content-length' => length($content)

my $res = $ua->request($req);
die $res->status_line unless $res->is_success;
my $mqweb = $json->decode($res->content());
if ( exists($mqweb->{error}) ) {
	say 'An MQ error occurred while inquiring queues.';
	say 'Reason Code: '
		, $mqweb->{error}->{reason}->{code}
		, ' - '
		, $mqweb->{error}->{reason}->{desc};
else {
	foreach my $authinfo(@{$mqweb->{data}}) {
		say $authinfo->{AuthInfoName}->{value};