This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
PEM calling PEM APIs can now use the internally-generated token authentication, and this is working.
External system calling PEM as described in the original request, still requires changing the password every 90 days. There is no way to create a service account with a non-expiring password.
One solution is a randomly generated API key that is only displayed once and functions as a password. Another solution is implementing SSO or LDAP authentication so the internal PEM user database is not used. Both these approaches are used in many large SaaS offerings.
We intend to address this requirement in an upcoming release.
We intend to address this requirement by supporting the use of tokens for the API Configurations. This will allow the primary sponsor administrator to choose to support tokens rather than user name and password. This will remove the need for the primary sponsor administrator to have to update the passwords on the various API Configurations when they update their login password.