InterSystems is going to use 1.0.2g (the now current version of OpenSSL starting with 2016.3. As we get close to the Field Test of 2016.3 the exact version might get updated. 1.0.2g will will introduce some backward incompatibilities related to SSLv2 and SSLv3. Once we have accessed how are we going to address those, I will post this information here and on the Compatibility Blog.

The title of the post is not quite correct. You would like to resolve something in the authentication step, not the authorization step. Please take a look at the ZAUTHENTICATE.mac in the SAMPLES namepace that includes a large array of options and code examples (most can be used just by uncommenting them). It also includes an example of performing 2 factor authentication. For this to work you have to validate the user's credientials first and then step into the 2 factor part of the authentication. Let me know if this helps. If not I will get you a more concrete implementaiton of ZAUTHENTICATE.

 

(Also please make sure that your authentication options for the service has the right list of options (in your case problably only delegate authentication))