Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Post your ideas
IBM is transforming its request for enhancement (RFE) process. The purpose of the transformation is to provide a more consistent experience for you to submit requests and to enable IBM product owners to respond to your requests more quickly. For more information click here.
Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
1. Post an idea
2. Upvote ideas that matter most to you
3. Get feedback from the IBM team to refine your idea
Help IBM prioritize your ideas and requests
The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.
Receive notifications on the decision
Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.
Enable authentication by token on the Sterling B2B REST API
Seems like currently the B2B REST API only supports authentication of basic type, where username/password is sent in header of get/post/put HTTP call. Can there be a mechanism to authenticate via bearer token? Thanks very much!
Remove the validation of the X520SerialNumber in the PKI-J toolkit
An error occurred when updating a certificate for a client with a Serial number too long issue. Certicom found that certificate is not valid and cannot be used since the X520SerialNumber contains more than 64 characters which violates the RFC.
The source map name and compiled map name should be same as that of name of Map detail, only then the map deployment should be allowed
The source map name and compiled map name should be same as that of name of Map detail, only then the map deployment should be allowed.
Allow External Authentication without create a local user
An user created for example in AD can use the SBI console (or ICC, SSP ...), only with external authentication, not being necessary to create a local user in Sterling.In other platforms the client has, the users just need register in AD, are assig...
Change security logs format
The security logs can be changed to display more information in a single line. It will help security teams to identify who creates/deletes users or groups.
Global Mailbox backend file replication SSH settings (ciphers, hmacs, group exchanges) currently are not configurable, even in 6.1
QUALYS scans are revealing that the out-of-box settings utilized CBC ciphers and SHA1 group-exchanges. These should be configurable settings for the TCP 33001 port to secure with CTR and/or GCM ciphers as well as SHA2/256 group exchanges.
Support token based authentication for HTTP adapters and Product REST communications
We are using the 6.1 product REST, the REST Auth.war and a set of custom REST services (the latter two in HTTP Adapters). We have a security challenge on the use of Basic Auth for securing these services which we access via a gateway (Tyk) from ...
compression at the HTTP layer
It would be good to have option like (something like compress="True") to compress the file at HTTP layer, to achieve this do we have any parameter set any of the HTTP Services/adapter level at HTTP Begin Session service/HTTP Client Method service...
Show actual SFTP error in status report
Sterling 6.0 and up, in some cases, has replaced useful, specific SFTP error messages in the status report with vague ones that require diving into logs to troubleshoot.For example, if the host key is wrong when connecting to a partner, this is wh...
Update Certificate File via REST API
The B2B REST API allows the user to delete, create, or update attributes (such as the name) of an HTTPS certificate on the system. However, it does not allow a user to update a certificate in place (the "Update from existing PKCS12 Certificate fil...
Do not place IBM confidential, company confidential, or personal information into any field.