This portal is to open public enhancement requests against products and services offered by the IBM Data & AI organization. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updateson them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
Post an idea
Upvote ideas that matter most to you
Get feedback from the IBM team to refine your idea
Specific links you will want to bookmark for future use
DB2 Replication Engine support API-key authentication without username/password
With IDR CDC DB2 LUW Replication Engine, unable to create a source DB2 datastore for DB2 LUW running in Cloud Pak for Data (CP4D). Since CP4D is IAM-enabled for OIDC SSO integration with enterprise Azure AD, DB2 LUW only support programmatic connectivity using API key authentication (not user name/password). However, when creating DB2 LUW datastore in IIDR CDC DB2 LUW Replication Engine, user name/password is mandatory, even if we define extra JDBC parameter for API key and SSL security mechanism.
API key authentication is not an issue for the support packages (DB2 client and IBM Global Security Kit-GSKit) that drives IIDR CDC DB2 LUW Replication Engine. Both DB2 client & IBM GSKit are configured on the same IDR Linux VM, and successfully tested to establish SSL connection to DB2 LUW database running in CP4D using API key and SSL certificate.
There is no current workaround, since CP4D integration with IAM integration service is irreversible, hence there is no way to switch back to username/password authentication for programmatic access to DB2 LUW.
Given IIDR mandates DB2 LUW instances to be created with a DB2 LUW datastore, an additional patch is needed. This patch for IDR DB2 LUW datastore creation function (./dmconfigurets) should allow api key-only authentication mechanism (and allow to omit username/password), when extra JDBC parameters is provided with an apiKey and securityMechanism=15. This will allow the IDR-DB2 LUW connection using custom JDBC connection string to the DB2 LUW instance residing in CP4D. This patch can be called before the step of configuring the username and password.
Do not place IBM confidential, company confidential, or personal information into any field.