Skip to Main Content

This is an IBM Automation portal for Integration products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


Pinned ideas

View all
PINNED Add a "Maximum persistent reuse" parameter for the backside of an MPGW or WSP
On an MPGW or a WSP, I want to be able to configure that the persistent backside connection should be closed after X amount of requests have been sent through that connection. I can already do this for the frontside by setting the "Maximum persist...
PINNED Add "New Web Service Proxy" wizard to the new Carbon UI
The new Carbon UI does not contain all features that exist in the "old" UI. Espcially the interactive wizard to create a new WS-Proxy service has not been implemented in the new UI and has been, among other wizards, marked as deprecated (see https...

DataPower Gateway

Showing 302 of 2276

Establish full RFC compliance with Datapower Passive session affinity

When using Datapowers' session affinity type passiv being based on the DPJESSIONID injection cookie we discovered that this implementation is not fully compliant with the cookie RFC6225. The Datapower implementation requires always to set a cookie...
about 6 years ago in DataPower Gateway 0 Not under consideration

IMSConnectHandler support for different IRM Arch level messages

At the moment DataPower IMSConnect handler assumes a fixed message header length of 80 bytes. Accordingly rejects headers with length less than 80 directly, and parses messages with longer header lengths incorrectly (leaking header bytes to payloa...
about 6 years ago in DataPower Gateway 0 Not under consideration

Additional use of "SMTP Server Connection"

Our Datapower sends mails and we have been asked to start using TLS & encryption but we cannot meet the request: - SMTP log targets are missing TLS and authentication capabilities. - At the same time dpsmtp(s) URLs for the dp:url-open compl...
over 1 year ago in DataPower Gateway 0 Not under consideration

Disable automatic retries for Data Source objects - NFCU

Data Source objects continually retry every second in order to get to the 'up' status. In the case of expiring database credentials or other issue where the database server will not come up until there is intervention, the retry causes unnecessary...
about 3 years ago in DataPower Gateway 0 Future consideration

Sign the payload with SHA256withRSA

We had found the following algorithm SHA256withRSA is not listed in the list instead of which RS256 is available
about 3 years ago in DataPower Gateway 1 Functionality already exists

Disable Internal Entity Reference

It was possible to exploit a vulnerability in the configuration of the XML processor to define an entity that referenced other entities. If defined recursively then the XML parser will consume exponentially increasing amounts of memory and process...
over 1 year ago in DataPower Gateway 0 Future consideration

Checking for certificates critical key usage extension (more than just CA)

Check certificate key usage extension if key usage is marked critical (PKIX for more than just CA) .
over 6 years ago in DataPower Gateway 2 Not under consideration

DNS over TLS

A simple easily added feature to enhance the DataPower gateway would be to add TLS to the DNS configuration so that we can officially support DNS over TLS.
about 3 years ago in DataPower Gateway 0 Future consideration

Qualys web scan flagging a "Slow HTTP Request" vulnerability on MPGW. This is considered a High Risk vulnerability.

Qualys scan found a potential Slow HTTP headers vulnerability which can be exploded for a Denial of Service (DoS) attack. The offending behavior identified by Qualys is that the server resets timeout after accepting headers from peers when process...
over 3 years ago in DataPower Gateway 0 Future consideration

Add option for Multiple KDC servers for DataPower Resiliency

We are using kerberos delegation and have a KDC server configured. We have 4 KDCs but have only configured one of them in DataPower. Microsoft doesn't support load balancing KDC's, so we are not able point to a load balanced address for the KDC se...
over 3 years ago in DataPower Gateway 0 Future consideration