Integration


This is an IBM Automation portal for Integration products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


Add a new idea Subscribe
Status Future consideration
Workspace API Connect
Created by Guest
Created on Aug 1, 2024

RELATED IDEAS

Developer portal not showing the proper error messages if a duplicate email id is used for signup

When a user try to Create Account on the developer portal with an email id which is already used, Instead of showing this error message, It shows " Your registration request has been received, You will receive an email with activation instructions if the request has been successful"

Which will not give a clue to the customer to say that it is a duplicate email id and he has to use a new email for signup.

CreateAccountWi...
CreateAccountWithActicationInstructionsmessage.png
Open full size
CreateAccountWithActicationInstructionsmessage.png
Idea priority Low
  • Guest
    Reply
    |     Aug 3, 2024

    Hi Dan, I acknowledge the security concern.  It is my understanding the system today displays a message indicating the registration was successful and an e-mail will be sent.  However, the system never sends an e-mail.  Would it be possible to change the behaviour so the success message remains but in addition an e-mail is sent to notify the owner of the e-mail address that someone attempted to signup with their e-mail address.  Alternatively, that a generic unsuccessful message is displayed so the applicant knows something is wrong but not what is wrong.

    1 reply
  • Guest
    Reply
    |     Aug 2, 2024

    This behavior is by design to not leak details of existing accounts already created in the system. By providing any other response message we would be confirming that the account typed in is a valid account in the system which sharing that information is a security risk.

    For example: Gaining the understanding of existing accounts is the first step in most social engineering based security threats.

    If you would like to provide additional details or suggestions that would not impact security please provide them here as comments. Otherwise without further details this idea will be closed in 30 days.

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.