IBM Sterling
This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
Good question. You are correct that this solution only works with IMAP and not POP3
We will update the documentation with that information. I'm told from my team that is an old protocol and we should move to IMAP.
Is this something that will pose any challenges?
Hi Ryan, thank you for the update on this. After reading through the related documentation, I just wanted to verify that OAuth 2.0 will only work for IMAP and will not work for POP3, is that correct? Thanks.
Please see documentation here:
https://www.ibm.com/docs/en/b2b-integrator/6.0.0?topic=bmca-enhancing-b2b-mail-client-adapter-access-microsoft-exchange-online-oauth-20
Hello all, thank you for all the feedback and participation for this request. We are happy to announce availability of the enhancement to the B2B Mail Client Adapters to support OAUTH modern authentication ahead of Microsoft's planned deprecation of Basic Authentication.
Please find the details here of the rollout schedule:
https://www.ibm.com/support/pages/node/6595109
Our goal in making this enhancement available is to align to upcoming releases as to mitigate issues that come from unique hot fixes. If you have any questions or concerns, please reach out. More information will be published over the next few weeks with additional guidance and documentation.
Hi Con, thank you for your note. I'd like to discuss this in further detail with you and members of our Engineering team. Could you please send me an email at woodry@us.ibm.com so we may set up a meeting?
Hi Ryan - as a Sterling developer across many customer sites in Australia / APAC I see this becoming more urgent. Many customers will be impacted if left without modern authentication to MS 0365 "Email". They are currently all using B2B Mail Client Adapters with POP or IMAP for receiving & SMTP Adapters for Sending - (with multiple accounts).
I see this article which looks to be related and has Java level implementations.
https://github.com/AzureAD/microsoft-authentication-library-for-java/wiki
Although we could write something that can establish a connection (from an external program) - getting this to align and work with the next steps of receiving emails & MIME processing with Sterling, may not be well integrated from a completely external API. Needing to get this Connection & Authentication embedded into an Adapter.
Microsoft has recently published updated guidance to their customers
https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/deprecation-of-basic-authentication-exchange-online
Of note is the following
"SMTP AUTH will still be available when Basic authentication is permanently disabled on October 1, 2022"
While we still want to address the concern with basic auth with SMTP in B2Bi, it does not look like it will affect the SMTP adapter in B2Bi after this cut off date.
However, we still utulize IMAP and POP. I understand the concern and we are working to provide a firmer response to this RFE. Please feel free to reach out if you would like to discuss in further detail with your team.
Ryan Wood - woodry@us.ibm.com
I'm voting for and asking for any ETA for this requirement so that the same can be communicated to our IT teams as they are pushing on this and need ETA on when they can disable the basic authentication.
Hello all, we seem to have duplicate entries on this enahncement. I'll keep this one updated as well.
Microsoft has released the following update:
Today, we are announcing that, effective October 1, 2022, we will begin to permanently disable Basic Auth in all tenants, regardless of usage (with the exception of SMTP Auth, which can still be re-enabled after that)."
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-september-2021-update/ba-p/2772210
We are continuing to monitor this and test our exposure and working with other IBM teams to ensure we have a common approach across our Sterling platforms to address this requirement before October 1, 2022
Hi Ryan,
Can you provide any ETA for this requirement so that the same can be communicated to our IT teams as they are pushing on this and need ETA on when they can disable the basic authentication.
Thank you all for the continous feedback and guidance you're receiving from your Microsofts team. The following update by Microsoft was called to our attention:
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-september-2021-update/ba-p/2772210
Today, we are announcing that, effective October 1, 2022, we will begin to permanently disable Basic Auth in all tenants, regardless of usage (with the exception of SMTP Auth, which can still be re-enabled after that).
We are continuing to research to determine the risk this poses to our community, (given the option to re-enable), and keeping up with latest security standards (which would include deprecating basic authentication).
We will be reaching out to those interested in this RFE as we get closer to ensure we are on track to meet your business requirement.
Hi Ryan,
I would like to understand the status on this requirement as we have been getting pushed from our organization to implement the Modern Authentication on our SI mailboxes by end of Oct 2021. We have raised the same to them as well and would like to understand if you will be able to help out to get on a call with out SMTP teams to understand and get on a plan for this implementation.
You can reach out to me on - Shadab.kazi@ingrammicro.com
Awaiting your feedback.
Please see information below from our Office 365 ADMIN -
Microsoft allowed us to temporarily turn basic authentication back on following the incident on May 6th. This will buy us some time but we’ll likely lose the ability to flip this bit when they fully deprecate basic authentication later in the year. We don’t have an exact date but the consensus is 2nd half of 2021.
IBM should consider the Graph API solution which allows non-interactive sign-ins.
https://docs.microsoft.com/en-us/graph/auth-v2-service
Hello all, we are prepared to start working on this enhancement. In digging into the requirement we have studied the communication from Microsoft a bit more and found the following verbiage:
Today, we’re excited to announce the availability of OAuth 2.0 authentication for IMAP and SMTP AUTH protocols to Exchange Online mailboxes. This feature announcement is for interactive applications to enable OAuth for IMAP and SMTP. At this time, there are no plans to enable IMAP and SMTP OAuth for non-interactive applications using client credentials flow. For that, we suggest to use our Graph API.
https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-oauth-2-0-support-for-imap-and-smtp-auth-protocols-in/ba-p/1330432
As you can see, IBM Sterling B2B Integrator, does NOT conduct an 'interactive session' - it is a 'non-interactive' process
At this point we need more information on this request. I'm requesting those following this request to please help with the following:
1) Open a support ticket with your IT staff that manages your Microsoft SMTP Servers (if possible, have that team open a support ticket directly with Microsoft)
2) Engage myself (woodry@us.ibm.com) - I will bring my developers to the call to ensure we all understand the requirement and have clear cut dates from Micrsoft on the cut over and the scope of the change.
Any questions or concerns please reach out to me.
Hi Ryan,
Is there any more updates on this request. What is the estimated time that this will be available in the product so we can plan on upgrading.
Are there any thoughts of adding this feature as part of a Patch to Version 6.0 or the direction will be to upgrade to 6.1?
Hi Ryan Wood ,
There are planning to disable the basic auth by the end of month september-october. Do we have any update on the developemnt of this part. If you can want , we can connect over a call for the same
April 2021 Update - We are tracking this item for delivery this year on the 6.1 stream. We are still looking for a firm date from Microsoft on this cut over. If anyone has additional information, or is willing to open a ticket with Microsoft and work with IBM, please reach out to me directly woodry@us.ibm.com
Hi Ryan Wood,
Could you please advise when this enhancement will be ready?
We have been asked to disable basic authentication and move to OAUTH2.0 by 30th June 2021.
We have multiple Trading partners using mail client adapter and it is a critical interface.
Thanks
Kavitha
We have accepted this request for enhancement. We understand Microsoft has extended this deadline until the end of 2021
https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-and-exchange-online-april-2020-update/ba-p/1275508