Skip to Main Content
IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Not under consideration
Created by Guest
Created on Nov 20, 2023

Password & Key based authentication for individual users using single SFTP Server Adapter

Password or key, Password and key, Password, Key based authentication functionality is required with respective users segregation. Assuming that the SFTP server adapter's authentication type is set to Password or Key, when a user with access to the server only needs to provide their password to authenticate he can able to authenticate. but, when the users who require to provide both a password and a key will also be able to authenticate the SFG server, but in this instance, the second user who requires both a password and a key must be denied access. End users are impacted by modifications made to the SFTP server adapter since they are global change.

What is your industry? Banking
How will this idea be used?

Password or key, Password and key, Password, Key based authentication functionality is required with respective users segregation.

Example:

Let us take an example with 4 different users A,B,C,D. Where the SFTP Server Adapter is configured with Password or Public key.

A- Password

B- Public Key

C- Password or Public Key

D- Password and Public Key

A - When user A tries to authenticate to SFG server from any SFTP client he can be authenticate by passing only Password.

B - When user B tries to authenticate to SFG server from any SFTP client he can be authenticate by passing only Publickey.

C - When user C tries to authenticate to SFG server from any SFTP client he can be authenticate by passing Password or Public key.

D - When user D tries to authenticate to SFG server from any SFTP client he can be authenticated using either password or public key (i.e.., without passing both also he can connect) because in SFTP server adapter we kept Password or Public key. But this will be impacted on the business/security perpspective.

There is no option to segregate the authentication type based on users with single SFTP server adapter, which will be impacted on the organization on security basis. Need the user based segregation authentication type using single SFTP server adapter.

  • Admin
    Mark Allen
    Reply
    |
    Jan 31, 2024

    Thank you for taking the time to provide your ideas to IBM. We truly value our relationship with you and appreciate your willingness to share details about your experience, your recommendations, and ideas.

    IBM has evaluated the request and has determined that it cannot be implemented at this time or does not align with our current strategy or roadmap. As per the support ticket, the best option is to use different adapters for different security profiles, which is industry standard and what other customers do for this use case. It would be difficult to have a single adapter manage different security profiles at the same time - some more restrictive for a subset of users and less restrictive for other users in the same adapter.


    Thank you for bringing your ideas to us. If you have any additional feedback, thoughts or ideas, or if there is anything else I can do, please do not hesitate to reply to this message to continue the conversation.