Skip to Main Content
Cloud Platform


This is an IBM Automation portal for Cloud Platform products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


ADD A NEW IDEA

WebSphere traditional

Showing 30

Remove the compromised ciphers from the Strong list in the Cipher suite settings for SSL

Some of the Cipher Suites in the Strong group are not "strong" anymore as have been compromised by attacks like "ROBOT". We think that they should not be included as default as "Strong" ciber-suites.
about 2 years ago in WebSphere traditional 0 Future consideration

To support AES-256 password encryption in traditional WebSphere

As per this link https://www.ibm.com/docs/en/was/9.0.5?topic=files-encrypting-passwords-by-using-aes , WAS only supports AES-128 encryption. My customer's security standard requires AES-256 at the minimum.
about 1 year ago in WebSphere traditional 0 Future consideration

Cert Expiry Endpoints

We are using certificates to call external services from BPM which have an expiration date. As part of our DevOps team we need to monitor when these certificates expires so we can get them renewed before they expire.
over 5 years ago in WebSphere traditional 0 Future consideration

Allow encryption algorithm to be AES-256 in GCM mode for JAX-WS and JAX-RPC security runtime.

We have recently upgraded to AES-256 in CBC mode on JAX-WS and JAX-RPC security runtime for our application servers, however we are required by our cryptography standards to move to the preferred GCM mode before the end of 2021. This option does n...
over 3 years ago in WebSphere traditional 3 Future consideration

Consider to support OAuth2 modern authentication for Mail Sessions in WebSphere Administrative Console

In my organization we're migrating e-mail to Office 365, and Microsoft is deprecating basic authentication (username/password) for email accounts. Instead they are encouraging us to use modern authentication using Client ID, ID tenant... and so. I...
almost 2 years ago in WebSphere traditional 0 Future consideration

Enhancement required in auditing framework to include below changes done through admin console.

We are sending websphere audit log to SEIM to identify critical events. During the testing we identified the below security configurations done through websphere console is not getting audited and not part of audit log. a) Disabling Global Sec...
about 2 years ago in WebSphere traditional 0 Future consideration

SOAP request SAML assertion is not functional by default on WAS.

When a SOAP SAML request which contains a full blown SAML assertion in it is sent over as an http post to WAS, it doesn't process the SAML assertion. Out of the box there is a WEB SSO TAI which can process a SAML assertion provided all the SAML as...
over 9 years ago in WebSphere traditional 1 Future consideration

WS-Security policy set bindings don't work with Web SSO global security

State Farm secures all their web resources in their WAR modules, so nothing is left unsecured. We have a JAX-WS web service endpoint. This is also apparently secured by the Web module security. We have WS-Security specific policy sets defined on t...
over 9 years ago in WebSphere traditional 1 Future consideration

The metrics endpoint should report basic status information about the cell, applications and JVMs similarly to what is shown in the dmgr

As a WAS admin using prometheus for JVM monitoring, I'd like an exposed GAUGE metric that tells me the status of various things from the Deployment Manager perspective: - List the Deployment Manager Cell info, Node info, WAS version. - List all t...
over 2 years ago in WebSphere traditional 0 Future consideration

Enable Options to store old config backups out of WAS installation Directory during restoreConfig.bat

IBM team in Case TS006197127, has requested below To remove old backup configurations as we noticed the issues with that in the past. However we still see you keep old config backups under the profile please remove them from that folder and store ...
almost 3 years ago in WebSphere traditional 0 Future consideration