IBM Z Software
This portal is to open public enhancement requests against IBM Z Software products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).
Shape the future of IBM!
We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Search existing ideas
Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,
Post your ideas
Post an idea.
Get feedback from the IBM team and other customers to refine your idea.
Follow the idea through the IBM Ideas process.
Specific links you will want to bookmark for future use
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.
This RFE has been assessed by the team.
API requester has the following properties that could be used to specify the X-IBM-Client-Id and X-IBM-Client-Secret headers to API Connect. This causes fields to be generated in the request copybook that the z/OS app must populate with the client ID and secret value. There's no method of indirection to pick up these values from server.xml.
apiKeyParmNameInHeaderSpecify
the name of an API key that is sent as a request header. The value of this parameter can be set in a comma separated list of a combination of client ID and client secret. For example, you can set apiKeyParmNameInHeader =header-IBM-Client-ID, header-IBM-Client-secret when a client ID and a client secret are used to protect an API.
apiKeyParmNameInQuerySpecify
the name of an API key that is sent in a query string. The value of this parameter can be set in a comma separated list of a combination of client ID and client secret. For example, you can set apiKeyParmNameInQuery=query-IBM-Client-ID, query-IBM-Client-secret when a client ID and a client secret are used to protect an API.
apiKeyMaxLengthSpecify
the maximum length of the values set for API keys. The value of this parameter can be a positive integer in the range 1 - 32767. By default, apiKeyMaxLength is set to 255.
https://www.ibm.com/support/knowledgecenter/SS4SVW_3.0.0/securing/requester_auth_api_key.html
For example, specifying apiKeyParmNameInHeader=X-IBM-Client-id,X-IBM-Client-Secret will yield a generated request copybook with these fields added in:
06 ReqHeaders.
09 X-IBM-Client-id-length PIC S9999 COMP-5 SYNC.
09 X-IBM-Client-id PIC X(255).
09 X-IBM-Client-Secret-length PIC S9999 COMP-5 SYNC.
09 X-IBM-Client-Secret PIC X(255).
Whilst the solution available in the product today is slightly different to the approach suggested in this RFE, it does enable the use of API keys when calling out to API Connect. As such this RFE is being closed as delivered.
If you have any further requirements in addition to the capability that exists today, we would welcome another RFE