Skip to Main Content
IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

FILTER BY CATEGORY

Security

Showing 40

SSO and OAuth support for authenticating B2BAPI access

At minimum would need to able to use the SEAS SAML like tokens to allow authentication of APIUser for B2BAPI calls. Liberty Profile native supports both SAML /OAuth authentication and the current instance does authenticate with B2Bi so it should a...
over 2 years ago in Sterling B2B Integrator / Security 0 Planned for future release

Allow email address to use as user ID

We have requirement to use email address as the user ID in sterling integrator.
almost 2 years ago in Sterling B2B Integrator / Security 0 Planned for future release

RestAPI support for Token Authentication rather than Basic Authentication

Looking for a future service availability to support Token Authentication, either with RestAPI or new one. As per my conversation with an IBM engineer on another troubleshooting call; support of Token Authentication by RestAPI is planned in future...
almost 2 years ago in Sterling B2B Integrator / Security 0 Future consideration

support of Oauth2 & OIDC in Sterling integrator

With more and more "business" moving to the cloud, it will be essential
9 months ago in Sterling B2B Integrator / Security 1 Future consideration

Mail Client adapter to allow Oauth 2.0 with grant_type as Client Credentials

The out of the box B2B mail client adapter allows to make connections to the mail exchange server for OAuth2.0 with grant_type as "Password" only. The grant_type as password is an obsolete and a vulnerable way of getting tokens and should allow gr...
5 months ago in Sterling B2B Integrator / Security 1 Future consideration

Address the log4J 1.x vulnerable Liberty WAR files in SB2Bi version 6.1.2

According to the release notes by IBM on the Sterling B2B Integrator version 6.1.2 it states "Apache log4j 1.x is removed and now we are using Apache log4j 2.17.2." However after updating to 6.1.2 The war files listed below still contained log4j 1...
5 months ago in Sterling B2B Integrator / Security 2 Is a defect

Have the User ID in SB2Bi / SFG / MyFG case-insensitive

Currently the User Id information of a SB2Bi / SFG / MyFG User is case-sensitive. This means that when creating the user with myUserId as the UserID, the authentication will only be possible by entering myUserId (and not myuserid or MYUSERID which...
11 months ago in Sterling B2B Integrator / Security 1 Future consideration

Allow a SFG Community to allow using more than one PGP key for decryption.

Allow a SFG community to allow partners to use the existing key or the new key to encrypt their data with so that SFG then can use either PGP key for decryption - this will allow partners to make changes in a gradual way , when we generate new PGP...
almost 3 years ago in Sterling B2B Integrator / Security 3 Planned for future release

Include special characters (e.g. @) in Parameter Name of Obscure Data - Process Data Values service

We are using SI 6.0.3.2 and the Parameter Name does not allow special characters such as "@" being used in the Obscure Data - Process Data Values service. This prevents email addresses being used as Names.
over 1 year ago in Sterling B2B Integrator / Security 1 Future consideration

Providing a list of supported encryption keys.

VENDOR supported Keys Keys that will be supported RSA (3072) Ed25519 ECDSA (nistp521) The feedback from the PepsiCo ECG team below is we only accept the following supported keys: PepsiCo supported keys ssh -rsa 2048, ssh-rsa 1024, ssh-rsa , ssh-dss
almost 2 years ago in Sterling B2B Integrator / Security 0 Planned for future release