IBM Z Software


This portal is to open public enhancement requests against IBM Z Software products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

ADD A NEW IDEA

Clear

Z Multi-Factor Authentication

Allow a user to perform MFA compound authentication specifying only the security manager credential with a Radius server that pushes an authentication request to a user device.

Currently MFA requires a credential value that contains a “dummy” MFA portion to cause the Radius server to push an authentication request to the user device. Having the push request generated without explicitly having to specify the dummy MFA por...
over 3 years ago in Z Multi-Factor Authentication Delivered

Manage OpenID Connect (OIDC) certificates on RACF/ICSF

As described on https://www.ibm.com/docs/en/zma/2.3.0?topic=oidc-performing-sso-by-using-no, "You must have a server certificate and private key. This certificate and private key are for use with the included Node.js application, and you do not ne...
over 1 year ago in Z Multi-Factor Authentication Delivered

Improve AZFPASS1 factor to hide the "New password" field when password change or reset is disabled.

When Factor AZFPASS1 is active, the web form authentication shows a RACF password field followed by 2x New Password (optional) requests to change passwords, even if this option was disabled on STC Configuration Attributes, causing confusion to end...
over 1 year ago in Z Multi-Factor Authentication Delivered

Count down to expiration or generation date/time added to token window

Our out-of-band tokens expire after 4 hours and customers continue to lock themselves out of the system attempting to use expired tokens, not realizing they have expired. Suggesting either having a date/time pasted to the same webpage that the tok...
over 1 year ago in Z Multi-Factor Authentication Delivered

Improve problem detection and system responses that allows procedures to respond timely to problems

a) the STCs must internally check in intervalls for misconfiguration and/or error-situations like:- the web-components for STC AZF#IN01 are not available (e.g. because they are not mounted or accidently deleted or moved*) -> this would cause at...
over 5 years ago in Z Multi-Factor Authentication Delivered

Add the Information about PassTicket usage of MFA provisioned users in RACROUTE REQ=VERIFY exit parameter-list

We have currently no information in RACROUTE REQ=VERIFY exit if an MFA user with factor AZFPTKT1 has used a PassTicket. I expect RIXPTAUT, which indicates that the user is being authenticated by a PassTicket is useful, but RIXPTAUT is in this case...
almost 4 years ago in Z Multi-Factor Authentication Delivered

Signal to enduser that MFA window expired

We are using AZFCERT1 and AZFPTKT1 as MFA factors, allowing passticket for applications after a successful MFA on Supersession within a certain timeframe (window).When this window expires, enduser is not aware of the reason and hits enter again an...
over 3 years ago in Z Multi-Factor Authentication Delivered

Allow Enter key to mimic Submit key in MFA logon web site

IBM Z Multi-Factor Authentication web access only allows user to click Submit to obtain their MFA token. It is normal practive to be able to press Enter key to do the same thing.Can this be changed to allow this function?
about 5 years ago in Z Multi-Factor Authentication Delivered

Out-of-band Webpage to display RACF Password expiry warning (Similar to 'ICH70002I YOUR PASSWORD WILL EXPIRE IN nnn DAYS' message in TSO)

IBM Z Multi-Factor Authentication V2.1 Authentication factors: Generic RADIUS (AZFRADP1) & Password (AZFPASS1) Out-of-band Authentication RACF option PASSWORD(WARNING) is enabled. When a non-MFA enabled user successfully logs in to TSO, the ...
about 4 years ago in Z Multi-Factor Authentication Delivered

Display generated token non-readable by default.

We are testing with MFA V2R0 for z/OS and are using the certificate based authentication (factor AZFCERT1). All works fine … however our auditors would like to have the generated token which is used instead of a password to be non-readable. This t...
about 6 years ago in Z Multi-Factor Authentication Delivered

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.