Skip to Main Content
IBM Sterling


This portal is to open public enhancement requests for IBM Sterling products and services. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

Sterling Partner Engagement Manager

Showing 209

Refresh Token provided in HTTP Headers

Current situation: The OpenID Connect refresh token is sent as a GET parameter to the webservers of pem-pp and pem-pr applications so the refresh token is showed in the URL history of the browser/sniffer traffic: Example: GET/rochesso/home?refresh...
6 months ago in Sterling Partner Engagement Manager / Security 0 Under review

Use Refresh token rotation to make Jwt token more secure

Current Situation: An access token allows temporary access to restricted resources, PEM APIs, and so has a short validity period of 5 minutes (configurable through system properties). A refresh token has a longer validity as it allows users to log...
6 months ago in Sterling Partner Engagement Manager / Security 0 Under review

Feature to close bulk PEM Portal and Provisioner Activities

Currently, each activity or rollout has to be manually and separately closed. During development, Unit Testing, and UAT cycles lots of activities are created. There should be a way in PEM to bulk close Portal and Provisioner activities based on fi...
over 5 years ago in Sterling Partner Engagement Manager / Usability 0 Not under consideration

Check file upload content with magic bytes

At current situation a malicious user can bypass the file type restrictions for logos in pem-pp application. It is possible to bypass the upload restrictions and upload a disallowed file by changing the file Content-Type to an allowed one. The ser...
6 months ago in Sterling Partner Engagement Manager / Security 0 Under review

Strip LDAP syntax from SEAS return data and return just the values

PEM/PCM requires each user to have a “role”. When LDAP is integrated with PCM, the “role” is obtained as a mapping from an LDAP attribute value. Enterprise customers with an enterprise Microsoft Active Directory schema can be constrained from usin...
7 months ago in Sterling Partner Engagement Manager / Permission/Roles 0 Under review

Looping Functionality for Dialogs (UI, API, XSLT)

Many times it is not possible to know the number of times that you need an API to execute. Looping would allow the execution of an API or UI dialog to be dynamic. This could be utilized in a great number of use cases, one of which I outlined below.
almost 6 years ago in Sterling Partner Engagement Manager / Workflows 1 Functionality already exists

podman support for PEM

RHEL 8 native provides podman instead of docker. While it's possible to install docker ce on RHEL, that puts the user into unsupported area with RHEL 8 support. Would like to have podman as a support container engine.
about 2 years ago in Sterling Partner Engagement Manager / Administration & Configuration 3 Planned for future release

Partner invitation should identify the duplicates and warn the sponsor.

PEM should throw an warning saying that the user is already registered or Invitation sent to partner as soon as sponsor clicks on Invite button and the a partner is registered with that Email Id already. This avoid sending the duplicate invites to...
almost 3 years ago in Sterling Partner Engagement Manager / Usability 1 Not under consideration

Allow Workflow to Continue After API has Failed

When creating an API dialog there should be an option to continue workflow even when the API fails. Preferably, it would have conditions to continue based upon what error is received.
over 5 years ago in Sterling Partner Engagement Manager / Workflows 1 Planned for future release

Provide a read-only role for the Partner Repository

We'd like to be able to provide sponsor users who are not admins a way to have read-only access to the items in the Partner Repository, such as Code Lists, Generic Data, etc.
about 5 years ago in Sterling Partner Engagement Manager / Permission/Roles 1 Planned for future release