IBM Sterling Ideas

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Post your ideas

IBM is transforming its request for enhancement (RFE) process. The purpose of the transformation is to provide a more consistent experience for you to submit requests and to enable IBM product owners to respond to your requests more quickly. For more information click here.

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
1. Post an idea
2. Upvote ideas that matter most to you
3. Get feedback from the IBM team to refine your idea

Help IBM prioritize your ideas and requests

The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.

Receive notifications on the decision

Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.

Create UserCredentials API returns error when password has '<' or '>' characters

Following PR API is failing when we have < or > character in password . Can you enhance the password entry to accept all special character for password. Following are the more details.



PR API Request URL:

Request Method: POST


<?xml version="1.0" encoding="UTF-8"?>

<create username="EFAccess" password="76Pc729<" partner="d2551db5-b240-4d65-b18e-16469e7229a0"/>


<?xml version="1.0" encoding="UTF-8"?>

<error errorCode="400" errorDescription="Request is not valid XML."/>

API Response Status:

HTTP/1.1 400 Bad Request

Reason For Failure:

API execution failed:HTTP/1.1 400 Bad Request

  • Guest
  • Jun 22 2021
  • Planned for future release
What is your industry? Financial Markets
How will this idea be used?

With out this, Partners are not able to use password with special characters.

  • Guest commented
    25 Aug, 2021 09:40pm

    We have tried in the JSON format instead of XML still we are facing the same issue. Following is the response we have received.

    "errorDescription": "Value may not contain angle brackets.",
    "errorCode": 400}
  • Admin
    Greg Russell commented
    25 Aug, 2021 01:38pm

    We are going to work on this for a future consideration. In the iterim, can you try to submit this API request in a JSON format instead of XML? We believe that it should work in a JSON format while we consider addressing this for XML.

  • Guest commented
    6 Aug, 2021 08:19pm

    Hello Greg,

    In this case passwords are partner remote profile password. In other words partner SFTP remote host passwords

  • Admin
    Greg Russell commented
    6 Aug, 2021 06:22pm


    To clarify, the passwords that are being considered are passwords for access to SFG, correct?

  • Guest commented
    1 Jul, 2021 04:50pm

    Hi Greg,

    Workaround you suggested would not work because we are trying to pass partner remote profile so cannot request customer to change his remote profile password.

    Fyi - we are not able pass any XML characters in the password field in API.

    So the request of this enhancement is accept all characters in the password field. Following is the API input.

    <?xml version="1.0" encoding="UTF-8"?>

    <create username="EFAccess" password="76Pc729<" partner="d2551db5-b240-4d65-b18e-16469e7229a0"/>

    Please let me know if you have any questions.

  • Admin
    Greg Russell commented
    1 Jul, 2021 03:53pm


    If I understand your request correctly, the limitation that you are seeing is that the special characters "<" and ">" can not be used. That does not preclude a whole list of other possible special characters that could be used, correct?

    I will validate with the team, but my initial thought is that the < and > may be problematic when trying to pass these values in the XML delivered via API.

    The workaround would be to add a regular expression to the password field to limit the special characters that can be used and provide a tool tip so that the users would be aware of what characters are allowed in a password.

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.