IBM Data and AI Ideas Portal for Customers

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Post your ideas

Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Help IBM prioritize your ideas and requests

The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The product management team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.

Receive notification on the decision

Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.

Additional Information

To view our roadmaps:

Reminder: This is not the place to submit defects or support needs, please use normal support channel for these cases

IBM Employees:

The correct URL for entering your ideas is:

Status Not under consideration
Created by Guest
Created on Oct 19, 2020

Enhance Identity Insight Explorer and i2 II plug-in to use the full Liberty authentication framework


We have deployed Identity Insight (II) v9, which uses IBM Liberty and supports the full Liberty framework for authentication. Our II Liberty implementation is configured to use an OpenIdConnect (OIDC) client for authentication with and OIDC server (Okta). This configuration is significant in that we have to conform with the State of New York's enterprise standard of OIDC with Okta. The NYS enterprise Okta ID provider solution uses the statewide LDAP directory. Administration of User IDs and Group IDs is centrally managed for all 65 agencies in the State with well established rules, policies and processes. Unfortunately, two key components of the II product, II Explorer and the i2 Analyst Notebook plug-in for II, do NOT presently support the full Liberty framework for authentication. Rather, they support ONLY the Liberty basic authentication scheme, which is a manual configuration of users and passwords within each deployed Liberty server. This is highly suboptimal for these reasons: 1) There are hundreds of users that now need to be manually administered across multiple Liberty servers, which the NYS central enterprise staff refuse to own, 2) This does not conform with the NYS standard for identity management, 3) There is no way to configure and support a Single SignOn solution.

Needed by Date Jan 4, 2021
  • Guest
    Nov 23, 2020

    Hi Rick

    You can configure II to leverage LDAP, I have customers who have this configured and are using it with V9. Basically, it's a WAS Liberty setup, and not II specific.

    No need for any other software etc. Give me a call if you have questions, or ask Mike D. This is really simple.

  • Guest
    Oct 21, 2020

    Thanks Marcus, apologies for my continued confusion and need to clarify. I'm pleased you are offering key II capabilities on ICP4D late next year. Hopefully by that time the State of New York will have an ICP4D Cluster up and running (it's in procurement at the moment). However, they already have a significant full-blown II implementation that is being expanded. Please confirm that II will continue to be offered in its legacy form, stand-alone, outside of the context of ICP4D. Also, Mike D'Amico is the IBM Lab Advocate for NYS and is also being consulted. Thanks.

  • Admin
    Marcus Boone
    Oct 20, 2020

    Hi Rick - I work with May on the MDM and Entity Analytics offering management team. IBM is still supporting Identity Insight with fixes and currency. As May said, our roadmap calls for introducing key identity insight capabilities on Cloud Pak for Data late next year, where we'll be taking advantage of the authentication framework of the platform.

  • Guest
    Oct 20, 2020

    Hi May Li and thank you for the quick response. Are you representing the position of Cloud Pak for Data (Offering Manager perhaps), and the scope of your statement is MDM/II running on IBM CP4D? Are you saying that IBM is dropping support of stand-alone II? Thanks. Rick Lewis

  • Admin
    MAY LI
    Oct 19, 2020

    Hi Rick,

    Thank you for submission.

    IBM's strategy for Data and AI is Cloud Pak for Data, and our top priority is cloud native MDM/Identity Insight on the Cloud Pak for Data platform.

    The authentication mechanism for the Cloud Pak for Data platform is:

    - IBM Cloud Identity Access Management for Cloud Pak for Data as a Service

    - LDAP, SAML/SSO and inbuilt user registry for Cloud Pak for Data software

    Currently the complex event processing and non-obvious relationship resolution that are core Identity Insight capabilities are slated for a late 2021 / 2022delivery.

    Given the current Identity Insight architecture maturity and our roadmap, we are rejecting this enhancement request.