Integration


This is an IBM Automation portal for Integration products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


ADD A NEW IDEA

Pinned ideas

View all
PINNED OpenAPI schema validation including headers
Currently to schema validate a REST based API in DataPower you have to extract the JSON schema from the OpenAPI file and then code manually code the individual header checks defined in the OpenAPI file Would be a vast improvement to be able to j...
Share feedback 1
PINNED supports ECDH-ES algorithms for JWE
Debit or credit card tokenizers (THALES / VISA / Etc.) implement JWE with ECDH as an encryption mechanism for sensitive data in the different flows applicable to wallets such as Apple Pay, GPay, etc. given its wide diffusion and easy adoption.
Share feedback 1

Ideas

Showing 449 of 3327

Add support of the SameSite security flag when connecting to Datapower UI via the browser. According security survey lack of it can be a security risk when this is not implemented.

SameSite security flag for cookies restrictions provide partial protection against a variaty of cross-site attacks, including CSRF, cross-site leaks and some CORS exploits. It is recommended that the SameSite flag should be used in Datapower UI vi...
5 months ago in DataPower Gateway 0 Future consideration

webMethods Integration Server logs in JSON format (Server.log, WMERROR*.log, WMSECURITY*.log)

For more readability and adhere to new standard we would like to have Intergration Server logs (Server.log, WMERROR*.log, WMSECURITY*.log) in JSON format
over 1 year ago in webMethods Integration/Microservices Runtime 0 Submitted

Fix TLS MITM attack vulnerability

The datapower gateway (that acts as a client in a TLS handshake) does not check if the domain name of the endpoint URL can be matched against the CN or the SAN in the certificate (despite the TLS profile we configure explicitly states to do that)....
over 5 years ago in DataPower Gateway 0 Future consideration

we are using Oauth client profile, where client secret is visible , so security team has raised concern to avoid as it can be security breach.

we are using Oauth client profile, where client secret is visible, so security team has raised concern to avoid as it can be security breach. Request you to create any way to hide or mask the client secret in Oauth profile. So, this can be useful ...
over 2 years ago in DataPower Gateway 0 Future consideration

"RAD inconsistent" error message on publish of an IO API to include details about the location of the inconsistency

After importing a new version of an API in IO inconsistencies may occur. These are very hard to spot, if not impossible, without access to the actual code. It would be really helpful if the error message, that displays after you've tried to publis...
6 months ago in webMethods Integration/Microservices Runtime 4 Future consideration

Support for WebAuthn

Since username/password will be considered obsolete sooner or later, DataPower should also support WebAuthn (aka FIDO2 or Passkey). In a first step it would be really nice to have it in the RBM settings i.e. for the management login. In second ste...
over 1 year ago in DataPower Gateway 2 Not under consideration

Padding for log file rotation

Currently log file rotation is done by adding a simple index, e.g. mylog.txt will be "rotated" to mylog.txt.1 and so forth. In case of more than 9 rotations we will have a file with name mylog.txt.10 which, due to the filsystem's alphabetical orde...
over 1 year ago in DataPower Gateway 0 Future consideration

Add new Log Category that behaves like a default log level in Java

The current Log Target event subscription doesn't behave like most people would expect. The minimum event priority of the the event category "all" overrides all other categories and doesn't behave like the default log level in e.g. Java. This make...
almost 2 years ago in DataPower Gateway 2 Not under consideration

CLI command for TLS troubleshooting

Currently it is hard to troubleshoot TLS connection issues as there is no CLI command available for this purpose. It is particularly difficult in environments where only DataPower is allowed to connect to a certain backend. A command similar to "o...
almost 2 years ago in DataPower Gateway 2 Not under consideration

Review of Log errrors[unwanted IS Logs]

Log level is set to info as per DHL existing environment setup for detailed trouble shooting. Hence we cannot change log level to warn/error/fatal to reduce logging on console.. Concern was it might cause issue in triaging any issue in production.
6 months ago in webMethods Integration/Microservices Runtime 0 Submitted

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.