Skip to Main Content
IBM Sterling

This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Not under consideration
Created by Guest
Created on Mar 20, 2018

IBM Sterling Rest Services should support BASIC and STANDARD authstyles at a time in the same instance

LIMITATION: In IBM Sterling Order Management 9.4 and 9.5, Currently If we want to use Rest Services in one deployment we have to choose either of the one authstyles 'BASIC' or 'STANDARD' only.

Customer has deployed SMCFS on 2 WAS instances to serve all the synchronous requests and wants to use OOTB Rest Apis.
One of the Order capture channels has need to call IBM Sterling synchronously, and with multiple parallel threads, And they dont have need to track any user activity to maintain the tokens, So planned to use BASIC servlet.authstyle.
But there are other scenarios where in customer will have a valid user LoginId/Token then they need to use those credentials to call Rest service instead. Then we need to use STANDARD servlet.authstyle.

Where-in most of the calls use BASIC authstyle way, and few need to use STANDARD authstyle.

Problem, with current Rest Services support is in IBM Sterling we don't have any servlet.authstyle specifying both these features of BASIC and STANDARD authstyle. I was wondering why was this not supported. This is need of the hour.
Please do needful.

What is your industry? Retail
How will this idea be used?

Provide synchronous REST calls to Order Capture system and To another application which has access to loginId and token. So that we will be able to call IBM Sterling via Rest Service calls REST APis in both modes (authstyles) with the same deployed Enterprise application in WAS.

  • Guest
    Jun 11, 2020

    This is currently being considered

  • Guest
    Apr 11, 2019

    "Token information should not be a part of URL. There should be a provision to pass it in header parameter." -- I too agree with this.

  • Guest
    Jan 7, 2019

    Token information should not be a part of URL. There should be a provision to pass it in header parameter.

  • Guest
    Aug 16, 2018

    I don't see any update on this. Appreatiate if any one form PRODUCT repsonds on this.



    Sunith Dodda.

  • Guest
    Jun 27, 2018

    Strongly recommend