Integration


This is an IBM Automation portal for Integration products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


ADD A NEW IDEA

API Connect

Showing 88

Reflect changes done in a Catalog Property defined within a Catalog and being used in APIs without need to Republish Products containing those APIs

It would be useful as customers can modify the catalog property value at runtime without need to republish all the products containing the APIs referring the particular catalog property everytime there is change in the catalog property.
6 months ago in API Connect 0 Not under consideration

Request that MaaS360 Support API Get/Fetch data for "Users" Employee ID, Department, and Division user information. This will facilitate a more robust API reporting for asset and comprehensive inventory management.

This is useful because we have a 3rd party application that would like like to fetch that data along with other important device related information.
6 months ago in API Connect 1 Not under consideration

Cookie Path set to Root

We have identified a vulnerability in the Developer Portal subsystem where the cookie “Path” attribute is set to the root directory (“/”). This configuration may allow an attacker to gain unauthorized access to cookies from other applications on t...
6 months ago in API Connect 2 Not under consideration

Browser side Drupal Encryption for Password being submitted to block the MITM attack

In VAPT, Customer is able to decrypt the password using Burp Suite to trap the request and see the password. The TLS Encryption Alone cannot block the attacker to decrypt the password. In some places, the Password used is of Organization which can...
over 1 year ago in API Connect 1 Not under consideration

OAuth third party - Token management

API Connect like a client, I need to call a backend with a OAuth token third party. Today, always we need to call this API, we need to create a new token. We need that API Connect do token management. Generate a new token when necessary, storage a...
over 1 year ago in API Connect 1 Not under consideration

Select multiple products/plans/APIs/users in the e-mail subscribers feature

We want to have the option to choose several products/plans/APIs/users in the list to be able to send the same message to multiple receivers in the same sending. At the moment, we have to resend the same message to each category of receivers. We a...
over 1 year ago in API Connect 1 Not under consideration

Automatic logout upon password change

VAPT Point for IBM Developer Portal: Bank security has recommended immediately invalidating all active sessions when a password is changed to prevent unauthorized access. This includes destroying session tokens server-side to ensure that any exist...
10 months ago in API Connect 2 Not under consideration

Allowed HTTP methods in IBM API Manager UI

Hi Team... We have a security requirement in our organization and that is unsafe HTTP methods like GET, HEAD, OPTIONS, PATCH, PUT, DELETE should not be allowed in WAF proxy. As per organizations security mandate, we have integrated API Manager Web...
10 months ago in API Connect 1 Not under consideration

Allowing the use of OAuth Providers with duplicate basePath of token endpoint without scope parameter

We request further improvements to idea number APICONN-I-350 (https://ideas.ibm.com/ideas/APICONN-I-350).Our problem is the same as with APICONN-I-350, but there was a condition where the scope was different even though the basic pathwas the same ...
11 months ago in API Connect 1 Not under consideration

Map the OAuth provider--> Basic Authentication Username/Password with incoming request values (as ClientId/Secret)

Hi Team, Since we are in process of migration, and while migrating OAuth provider facing one blocker as stated below, need help with enhancement to the APIC product LTS V10. I have attached the PMR case raised for the same, please take reference f...
11 months ago in API Connect 3 Not under consideration

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.