Skip to Main Content
Integration


This is an IBM Automation portal for Integration products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


Status Future consideration
Workspace API Connect
Created by Guest
Created on Dec 27, 2022

LDAP Group mapping for consumer organizations

Since version 10.0.2 the ldap group mapping for pOrg and the CMC was introduced. We also think it is beneifical to be able to map ldap group to roles in a consumer organisation. Currently this is not supported.

Idea priority Medium
  • Guest
    Reply
    |
    Feb 16, 2023

    Hi, thank you for the follow up.

    LDAP scope: Internal Users - Correct

    Self Service (registration): Disabled - Correct

    Role-Group Granularity : Is your request that role group(s) defined after a cOrg is created for that specific cOrg? Yes

    "

    Each Contain a large number of users that may change frequently that are mostly of type Members/Viewers (See Table 5 - https://www.ibm.com/docs/en/api-connect/10.0.5.x_lts?topic=overview-api-connect-user-roles). This assumption is based on our thought of having a large number of users in the same Consumer organization that can all modify a large number of Apps & Subscriptions didn't make as much sense but if so would like to understand that more."


    We are currently only using the APIC solution for internal use. We have a large number of separate developer groups that are going to use and expose API's. Each dev group should be able to develop it's own API's and there should be one central marketplace.


    The way we have set it up is that in development we have one pOrg for each dev group. And in production we will export the API's and product from this pOrg and deploy it to there own space in a specific catalog from the production pOrg. This way we have a central marketplace and the developers have there own dev environment.


    The same developers will also want to use API's from other teams. So the idea is to create one cOrg for each group of developers in the "production catalog". So they can manager there own applications and subscriptions. Currently the roles of the pOrgs are managed by groups. We would like to do the same for the cOrg members to make the life easier for our developerS. By working like this we can also use the visibility settings to limit some API's to specific dev groups.


    i hope this clarifies some things.



  • Admin
    Dan Temkin
    Reply
    |
    Feb 16, 2023

    Thank you for providing this suggested enhancement to IBM API Connect. Seeking additional information at this time should not be interpreted as a commitment but to provide us a better business understand and for possible scoping the work required if we move forward with this request. If more details can be provided here in the comments or request us to contact you directly for a feedback session.

    Here are some of our questions and working assumptions:

    LDAP scope: Internal Users (if not why?)

    Self Service (registration): Disabled (If not how?)

    Role-Group Granularity: Is your request that role group(s) defined after a cOrg is created for that specific cOrg?

    Consumer Organization: Each Contain a large number of users that may change frequently that are mostly of type Members/Viewers (See Table 5 - https://www.ibm.com/docs/en/api-connect/10.0.5.x_lts?topic=overview-api-connect-user-roles). This assumption is based on our thought of having a large number of users in the same Consumer organization that can all modify a large number of Apps & Subscriptions didn't make as much sense but if so would like to understand that more.