Skip to Main Content
IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Delivered
Categories APIs & SDKs
Created by Guest
Created on Jun 22, 2021

Create UserCredentials API returns error when password has '<' or '>' characters

Following PR API is failing when we have < or > character in password . Can you enhance the password entry to accept all special character for password. Following are the more details.

PEM URL: https://apps.pem.ibmcloud.com/equifax/home?locale=en_US

PR URL: https://pr.pem.ibmcloud.com/equifax/login

PR API Request URL: https://pr.pem.ibmcloud.com:443/rest/sponsors/Equifax/usercredentials/

Request Method: POST

Request:

<?xml version="1.0" encoding="UTF-8"?>

<create username="EFAccess" password="76Pc729<" partner="d2551db5-b240-4d65-b18e-16469e7229a0"/>

Response:


<?xml version="1.0" encoding="UTF-8"?>

<error errorCode="400" errorDescription="Request is not valid XML."/>


API Response Status:


HTTP/1.1 400 Bad Request

Reason For Failure:

API execution failed:HTTP/1.1 400 Bad Request


What is your industry? Financial Markets
How will this idea be used?

With out this, Partners are not able to use password with special characters.

  • Guest
    Reply
    |
    Aug 25, 2021

    We have tried in the JSON format instead of XML still we are facing the same issue. Following is the response we have received.


    {
    "errorDescription": "Value may not contain angle brackets.",
    "errorCode": 400}
  • Guest
    Reply
    |
    Aug 25, 2021

    We are going to work on this for a future consideration. In the iterim, can you try to submit this API request in a JSON format instead of XML? We believe that it should work in a JSON format while we consider addressing this for XML.

  • Guest
    Reply
    |
    Aug 6, 2021

    Hello Greg,

    In this case passwords are partner remote profile password. In other words partner SFTP remote host passwords

  • Guest
    Reply
    |
    Aug 6, 2021

    Steven,

    To clarify, the passwords that are being considered are passwords for access to SFG, correct?

  • Guest
    Reply
    |
    Jul 1, 2021

    Hi Greg,


    Workaround you suggested would not work because we are trying to pass partner remote profile so cannot request customer to change his remote profile password.


    Fyi - we are not able pass any XML characters in the password field in API.


    So the request of this enhancement is accept all characters in the password field. Following is the API input.

    <?xml version="1.0" encoding="UTF-8"?>

    <create username="EFAccess" password="76Pc729<" partner="d2551db5-b240-4d65-b18e-16469e7229a0"/>


    Please let me know if you have any questions.

  • Guest
    Reply
    |
    Jul 1, 2021

    Steven,

    If I understand your request correctly, the limitation that you are seeing is that the special characters "<" and ">" can not be used. That does not preclude a whole list of other possible special characters that could be used, correct?

    I will validate with the team, but my initial thought is that the < and > may be problematic when trying to pass these values in the XML delivered via API.

    The workaround would be to add a regular expression to the password field to limit the special characters that can be used and provide a tool tip so that the users would be aware of what characters are allowed in a password.