Skip to content

using environment var setting in ZE doc #4760

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

using environment var setting in ZE doc #4760

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
4dd4300
using environment var setting in ZE doc
anaxceron Oct 23, 2025
bcf5e99
edits to address feedback
anaxceron Oct 30, 2025
f14011e
Merge branch 'master' into anax-v3.3-env-vars-ze
anaxceron Oct 30, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
13 changes: 12 additions & 1 deletion docs/user-guide/ze-install-configuring-ze.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,21 @@ To access Zowe Explorer settings:

1. Click the **Manage** icon at the bottom of the **Activity Bar**.
2. Select the **Settings** option.
3. Open the **Extension** option listed in the **Commonly Used** menu.
3. Open the **Extensions** option listed in the **Commonly Used** menu.
4. Select **Zowe Explorer** to access its settings.
5. Scroll the list to find the setting that needs modification.

## Enabling environment variables `ZOWE_OPT_USER`, `ZOWE_OPT_PASSWORD`

You can create environment variables for Zowe CLI command options `--user` and `--password`. See [Formatting environment variables](../user-guide/cli-using-formatting-environment-variables.md) for more information.

To use the environment variables `ZOWE_OPT_USER` and `ZOWE_OPT_PASSWORD` in your configuration:

1. In Zowe Explorer settings, scroll to the **Override With Environment Variables** option.
2. Select the checkbox to activate the setting.

Once enabled, `ZOWE_OPT_USER` and `ZOWE_OPT_PASSWORD` provide values to be used in your configuration. See [Using environment variables](../user-guide/ze-using-using-environment-variables.md) for instructions on how environment variables work in team configuration.

## Modifying creation settings for data sets, USS files, and jobs

1. In Zowe Explorer settings, scroll to a data set, USS file, or job setting type.
Expand Down
150 changes: 150 additions & 0 deletions docs/user-guide/ze-using-using-environment-variables.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,150 @@
# Using environment variables

Configure environment variables to supply values for properties in your team configuration file.

Environment variables in client configuration can be used to store credentials or other sensitive connection data, such as host and port information.

## Example use cases

- Working in **virtual environments** that do not store credentials locally.
- Create an environment variable for Zowe Explorer to use for authentication instead of looking in a local vault.
- Storing an **authentication token** for APIML.
- Store personal access tokens (PATs), which have longer durations, and can have narrower scope, than the default JSON web tokens.

## Configuring environment variables for credentials

### One set of credentials

To use only one set of credentials:

1. Use the `ZOWE_OPT_USER` and `ZOWE_OPT_PASSWORD` environment variables.

These environment variables can also be [formatted for use in Zowe CLI](../user-guide/cli-using-formatting-environment-variables.md).

2. Check the **Override With Environment Variables** setting in Zowe Explorer.

3. Open your `zowe.config.json` file and add the environment variable with the `$` prefix to the corresponding property. For example, `$ZOWE_OPT_USER` or `$ZOWE_OPT_PASSWORD`.

4. Confirm that the environment variables work by executing a search for data sets, USS files, or jobs.

### Multiple sets of credentials

To use multiple sets of credentials:

1. If checked, uncheck the **Override With Environment Variables** setting in Zowe Explorer.
2. Create your own non-`ZOWE_OPT_` environment variables. For example, `OTHER_USER` and `OTHER_PASSWORD`.

Add your environment variables and values to your local system. In Windows, go to System Properties. In cloud development environments, secret environment variables can be defined when configuring the cloud IDE.

:::warning

To prevent conflicts, avoid names already in use by Zowe clients. See [Configuring Zowe CLI environment variables](../user-guide/cli-configuringcli-ev.md) for a complete list.

:::
3. Open your `zowe.config.json` file and add the environment variable with the `$` prefix to the corresponding property. For example, `$OTHER_USER` or `$OTHER_PASSWORD`.

4. Confirm that the environment variables work by executing a search for data sets, USS files, or jobs.

## A configuration file with environment variables

The following examples include environment variables in a configuration file.

**In the nested structure**, the `zosmf` and `apiml` service profiles are nested within the `lpar` profile.
- This avoids repeating the `host` and `rejectUnauthorized` properties in both service profiles.
- Environment variables are used for [multiple credentials](#multiple-sets-of-credentials) in Lines 14-15 and Line 24.
Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@adam-wolfe @zFernand0: Should we include a config example for ZOWE_OPT_USER and ZOWE_OPT_PASSWORD?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We could, but I'm not sure about how it would with the API ML. I guess we could do something like:

{
    "$schema": "./zowe.schema.json",
    "profiles": {
        "lpar": {
            "properties": {
                "host": "my.company.com",
                "rejectUnauthorized": false
            },
            "profiles": {
                "zosmf": {
                    "type": "zosmf",
                    "properties": {
                        "port": 443
                    }
                }
            }
        }
    },
    "defaults": {
        "zosmf": "lpar.zosmf"
    },
    "autoStore": false
}


**In the flat structure**, the `zosmf` and `apiml` service profiles are organized sequentially.
- This includes the `host` and `rejectUnauthorized` properties in both service profiles.
- Environment variables are used for [multiple credentials](#multiple-sets-of-credentials) in Lines 10-11 and Line 23.



import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';

<Tabs>
<TabItem value="nested" label="Nested profiles" default>
```json showLineNumbers
{
"$schema": "./zowe.schema.json",
"profiles": {
"lpar": {
"properties": {
"host": "my.company.com",
"port": 1234,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Assuming this is meant to be the z/OSMF port, I would move it into the lpar.zosmf profile properties.

"rejectUnauthorized": false
},
"profiles": {
"zosmf": {
"type": "zosmf",
"properties": {
// highlight-start
"user": "$ZOWE_USER",
"password": "$ZOWE_PASS",
// highlight-end
"authOrder": "basic"
},
"apiml": {
"type": "zosmf",
"properties": {
"port": 7554,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would put the API ML connection info (port, tokenType, tokenValue, and authOrder) in the lpar profile. Like we do it here: https://docs.zowe.org/stable/user-guide/cli-using-creating-profiles#accessing-services-through-multiple-api-ml-gateways

"basePath": "ibmzosmf/api/v1",
"tokenType": "apimlAuthenticationToken",
// highlight-start
"tokenValue": "$ZOWE_APIML_PAT",
// highlight-end
"authOrder": "token, bearer"
}
}
}
}
}
},
"defaults": {
"zosmf": "lpar.zosmf"
},
"autoStore": false
}
```
</TabItem>
<TabItem value="flat" label="Flat profiles">
```json showLineNumbers
{
"$schema": "./zowe.schema.json",
"profiles": {
"zosmf": {
"type": "zosmf",
"properties": {
"host": "my.company.com",
"port": 1234,
"rejectUnauthorized": false,
// highlight-start
"user": "$ZOWE_USER",
"password": "$ZOWE_PASS",
// highlight-end
"authOrder": "basic"
}
},
"apiml": {
"type": "zosmf",
"properties": {
"host": "my.company.com",
"port": 7554,
"rejectUnauthorized": false,
"basePath": "ibmzosmf/api/v1",
"tokenType": "apimlAuthenticationToken",
// highlight-start
"tokenValue": "$ZOWE_APIML_TOKEN",
// highlight-end
"authOrder": "token, bearer"
}
}
},
"defaults": {
"zosmf": "zosmf"
},
"autoStore": false
}
```
</TabItem>
</Tabs>
1 change: 1 addition & 0 deletions sidebars.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -689,6 +689,7 @@ module.exports = {
"user-guide/ze-managing-profiles",
"user-guide/ze-authentication-methods",
"user-guide/ze-usage-tips",
"user-guide/ze-using-using-environment-variables",
"user-guide/ze-working-with-data-sets",
"user-guide/ze-data-set-table-view-guide",
"user-guide/ze-working-with-uss-files",
Expand Down
Loading