Skip to Main Content
Cloud Platform

This is an IBM Automation portal for Cloud Platform products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.



WebSphere Liberty

Showing 141 of 1819

Support LTPA rotation without requiring planned outage

Idea: make Liberty feature parity with traditional WAS to allow LtpaToken key rotation without having to restart the Liberty profile. LtpaToken SSO key rotation in Liberty currently requires a planned outage, unlike traditional WAS which can rotat...
over 2 years ago in WebSphere Liberty 0 Future consideration

Liberty: Allow variables expansion in jvm.options

Please allow variables expansion in jvm.options of WAS liberty profile the same way it is possible in server.xml
about 7 years ago in WebSphere Liberty 2 Not under consideration

Support OAuth token hashing and encryption

The OAuth/OpenID Connect provider relies on database/volumn encryption to protect access token and associated user data, which is insufficient to prevent data breach. The OAuth bearer access_token represents user credential, and should be protecte...
almost 5 years ago in WebSphere Liberty 0 Future consideration

Liberty API to validate IDP metadata for SAML Configuration

Currently while configuring SAML in ICP , users have to upload IDP metadata as one of the step, Currently ICP does not validate this metadata, validating this would mean ICP has to maintain its own version of SAML schema. It would be better if Lib...
almost 5 years ago in WebSphere Liberty 1 Not under consideration

Extra security check against requests from users who are already authenticated

After a user is authenticated, there are still checks against the server's guest id to the EJBROLE profiles. This can cause, in some cases, excessive logging of unexpected, but valid, failures against the server's guest id and the EJBROLE profiles...
over 2 years ago in WebSphere Liberty 1 Not under consideration

Request refresh_token support in the WebSphere Liberty openidConnectClient.

We need refresh_token support in the WebSphere Liberty openidConnectClient to better handle re-auth during AJAX requests.
about 8 years ago in WebSphere Liberty 0 Future consideration

Complete OSGI modularization of all Liberty Profile Implementation(s)

The complete functionality of the Liberty Profile implementation should be modularized by means of OSGI. Thus, it should be possible that any custom extension to the Liberty Profile server can be implemented and provided as OSGI feature. In partic...
over 10 years ago in WebSphere Liberty 3 Not under consideration

batchManagerZos stop operation

A batchjob in z/OS thats using batchManagerZos indirectly calls a Liberty server for starting up a java batch job. Today, STOP operation will only stops the wrapper job, not the actual batchjob running in Liberty server. We require that a stop req...
almost 6 years ago in WebSphere Liberty 1 Not under consideration

webAppSecurity ssoCookieName should be used by liberty features

For Liberty Server. When using webAppSecurity ssoCookieName, it works fine for applications in the container, but requests from features, such as /IBMJMXConnectorREST/ are still using ltpaToken2. This is mostly an unwanted behaveiour. If the want ...
almost 6 years ago in WebSphere Liberty 0 Future consideration

Provide option to stop Liberty server when application fails to start

For Digital Commerce, we are dockerizing all applications. Application life cycle ties to docker container life cycle. When the application fails to start, the container should also fail, so the orchestrator can notice the failure, then a new cont...
about 6 years ago in WebSphere Liberty 1 Not under consideration