This portal is to open public enhancement requests against products and services offered by the IBM Data & AI organization. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
Post an idea
Upvote ideas that matter most to you
Get feedback from the IBM team to refine your idea
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
IBM Employees should enter Ideas at https://ideas.ibm.com
See this idea on ideas.ibm.com
THIS IS FOR IBM INFOSPHERE IDENTITY INSIGHT*****
We have deployed Identity Insight (II) v9, which uses IBM Liberty and supports the full Liberty framework for authentication. Our II Liberty implementation is configured to use an OpenIdConnect (OIDC) client for authentication with and OIDC server (Okta). This configuration is significant in that we have to conform with the State of New York's enterprise standard of OIDC with Okta. The NYS enterprise Okta ID provider solution uses the statewide LDAP directory. Administration of User IDs and Group IDs is centrally managed for all 65 agencies in the State with well established rules, policies and processes. Unfortunately, two key components of the II product, II Explorer and the i2 Analyst Notebook plug-in for II, do NOT presently support the full Liberty framework for authentication. Rather, they support ONLY the Liberty basic authentication scheme, which is a manual configuration of users and passwords within each deployed Liberty server. This is highly suboptimal for these reasons: 1) There are hundreds of users that now need to be manually administered across multiple Liberty servers, which the NYS central enterprise staff refuse to own, 2) This does not conform with the NYS standard for identity management, 3) There is no way to configure and support a Single SignOn solution.
Needed by Date | Jan 4, 2021 |
By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.
Hi Rick
You can configure II to leverage LDAP, I have customers who have this configured and are using it with V9. Basically, it's a WAS Liberty setup, and not II specific.
No need for any other software etc. Give me a call if you have questions, or ask Mike D. This is really simple.
Thanks Marcus, apologies for my continued confusion and need to clarify. I'm pleased you are offering key II capabilities on ICP4D late next year. Hopefully by that time the State of New York will have an ICP4D Cluster up and running (it's in procurement at the moment). However, they already have a significant full-blown II implementation that is being expanded. Please confirm that II will continue to be offered in its legacy form, stand-alone, outside of the context of ICP4D. Also, Mike D'Amico is the IBM Lab Advocate for NYS and is also being consulted. Thanks.
Hi Rick - I work with May on the MDM and Entity Analytics offering management team. IBM is still supporting Identity Insight with fixes and currency. As May said, our roadmap calls for introducing key identity insight capabilities on Cloud Pak for Data late next year, where we'll be taking advantage of the authentication framework of the platform.
Hi May Li and thank you for the quick response. Are you representing the position of Cloud Pak for Data (Offering Manager perhaps), and the scope of your statement is MDM/II running on IBM CP4D? Are you saying that IBM is dropping support of stand-alone II? Thanks. Rick Lewis
Hi Rick,
Thank you for submission.
IBM's strategy for Data and AI is Cloud Pak for Data, and our top priority is cloud native MDM/Identity Insight on the Cloud Pak for Data platform.
The authentication mechanism for the Cloud Pak for Data platform is:
- IBM Cloud Identity Access Management for Cloud Pak for Data as a Service
- LDAP, SAML/SSO and inbuilt user registry for Cloud Pak for Data software
Currently the complex event processing and non-obvious relationship resolution that are core Identity Insight capabilities are slated for a late 2021 / 2022delivery.
Given the current Identity Insight architecture maturity and our roadmap, we are rejecting this enhancement request.