IBM Data and AI Ideas Portal for Clients

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Post your ideas

If you have not registered on this portal please register at . To complete registration you will need to open the email you will receive from Aha to confirm your identity.

Post ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Help IBM prioritize your ideas and requests

The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.

Receive notification on the decision

Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.

Additional Information

To view our roadmaps:

Reminder: This is not the place to submit defects or support needs, please use normal support channel for these cases

IBM Employees:

The correct URL for entering your ideas is:

Enhance Identity Insight Explorer and i2 II plug-in to use the full Liberty authentication framework


We have deployed Identity Insight (II) v9, which uses IBM Liberty and supports the full Liberty framework for authentication. Our II Liberty implementation is configured to use an OpenIdConnect (OIDC) client for authentication with and OIDC server (Okta). This configuration is significant in that we have to conform with the State of New York's enterprise standard of OIDC with Okta. The NYS enterprise Okta ID provider solution uses the statewide LDAP directory. Administration of User IDs and Group IDs is centrally managed for all 65 agencies in the State with well established rules, policies and processes. Unfortunately, two key components of the II product, II Explorer and the i2 Analyst Notebook plug-in for II, do NOT presently support the full Liberty framework for authentication. Rather, they support ONLY the Liberty basic authentication scheme, which is a manual configuration of users and passwords within each deployed Liberty server. This is highly suboptimal for these reasons: 1) There are hundreds of users that now need to be manually administered across multiple Liberty servers, which the NYS central enterprise staff refuse to own, 2) This does not conform with the NYS standard for identity management, 3) There is no way to configure and support a Single SignOn solution.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Oct 19 2020
  • Not Under Consideration
Who would benefit from this IDEA? 1) All NYS users of Identity Insight will benefit from this enhancement. 2) The NYS II implementation will then be deemed to be in conformance with the NYS enterprise standard for Identity Management.
How should it work?

The II Explorer and the i2 Analyst Notebook plug-in for II should be enhanced to support Liberty's full authentication framework, including the use of OpenIdConnect.

Idea Priority High
Priority Justification 1) Current II implementation is non-conforming to NYS enterprise standards, 2) Potential security exposures due to de-centralized, multiple ID provider solutions, 3) inconsistencies in the II product itself.
Client Name State of New York
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    23 Nov, 2020 07:05pm

    Hi Rick

    You can configure II to leverage LDAP, I have customers who have this configured and are using it with V9. Basically, it's a WAS Liberty setup, and not II specific.

    No need for any other software etc. Give me a call if you have questions, or ask Mike D. This is really simple.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    21 Oct, 2020 02:02am

    Thanks Marcus, apologies for my continued confusion and need to clarify. I'm pleased you are offering key II capabilities on ICP4D late next year. Hopefully by that time the State of New York will have an ICP4D Cluster up and running (it's in procurement at the moment). However, they already have a significant full-blown II implementation that is being expanded. Please confirm that II will continue to be offered in its legacy form, stand-alone, outside of the context of ICP4D. Also, Mike D'Amico is the IBM Lab Advocate for NYS and is also being consulted. Thanks.

  • Admin
    Marcus Boone commented
    20 Oct, 2020 09:06pm

    Hi Rick - I work with May on the MDM and Entity Analytics offering management team. IBM is still supporting Identity Insight with fixes and currency. As May said, our roadmap calls for introducing key identity insight capabilities on Cloud Pak for Data late next year, where we'll be taking advantage of the authentication framework of the platform.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    20 Oct, 2020 03:50am

    Hi May Li and thank you for the quick response. Are you representing the position of Cloud Pak for Data (Offering Manager perhaps), and the scope of your statement is MDM/II running on IBM CP4D? Are you saying that IBM is dropping support of stand-alone II? Thanks. Rick Lewis

  • Admin
    MAY LI commented
    19 Oct, 2020 11:15pm

    Hi Rick,

    Thank you for submission.

    IBM's strategy for Data and AI is Cloud Pak for Data, and our top priority is cloud native MDM/Identity Insight on the Cloud Pak for Data platform.

    The authentication mechanism for the Cloud Pak for Data platform is:

    - IBM Cloud Identity Access Management for Cloud Pak for Data as a Service

    - LDAP, SAML/SSO and inbuilt user registry for Cloud Pak for Data software

    Currently the complex event processing and non-obvious relationship resolution that are core Identity Insight capabilities are slated for a late 2021 / 2022delivery.

    Given the current Identity Insight architecture maturity and our roadmap, we are rejecting this enhancement request.

IBM's success depends on gathering feedback from customers like yourself. Aha Ideas Portal is the third party tool through which IBM Offering Managers gather feedback from customers such as yourself.
IBM is a global organization with business processes, management structures, technical systems and service provider networks that cross borders. As such, the information collected through Aha Ideas Portal (Customer Name, Customer Email Address) will be stored by them in the United States, and handled only as per IBM's instructions and policies. Your data (Name and Email Address) will NOT be shared with other IBM customers.
In order to safeguard your information in Aha, do not leave your workstation unattended while using this application, log off after using it, and print only if necessary. If you need to make a hardcopy, remember to pick up the print-out immediately, keep it under lock, and destroy it immediately when no longer needed.
NOTICE TO EU RESIDENTS: per EU Data Protection Policy, if you wish to remove your personal information from the IBM ideas portal, please login to the ideas portal using your previously registered information then change your email to "anonymous@euprivacy.out" and first name to "anonymous" and last name to "anonymous". This will ensure that IBM will not send any emails to you about all idea submissions