Shape the future of Merative!
We invite you to shape the future of Merative, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:
Post your ideas
Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,
Post an idea
Upvote ideas that matter most to you
Get feedback from the Merative team to refine your idea
Help Merative prioritize your ideas and requests
The Merative team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at Merative works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.
Receive notification on the decision
Some ideas can be implemented at Merative, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.
Merative External Privacy Statement: https://www.merative.com/privacy
We need a support for system to system integration via REST APIs.
We need to be able to enrol a system as valid consumer of REST API and leave it running without having to call j_security_check.
The current authentication and authorisation seems to be working well for browser web applications but not for integration between systems.
We'd like either guidance or enhancements to help support REST API via headers/tokens/or some other mechanism :)
Our current approach in the absence of this uses a workaround:
Curam exposes SOAP - IIB sits in front an re-exposes that as REST API - Consumer calls REST API.
Hi Priyabrata,
We have reviewed your enhancement suggestion. Based on the information provided, our understanding of your request is as follows:
* Enhance the REST authentication framework to accept authentication credentials in the HTTP header and perform the authentication based on these credentials.
SPM is following the industry-standard way of authenticating for REST services using j_security_check. SPM SOAP web services use Curam custom headers for authenticating. They were designed that way many years ago and at the time the solution was apt. For REST services we cannot follow the same old architecture as it impacts all the other customers who are using SPM REST infrastructure. We are exploring the possibility of enhancing SPM authentication using technologies like JWT and OIDC in a future version, this may change the way we authenticate for REST services in future.
We are closing this request and do not plan to take any further action. If you believe we have misunderstood your request please respond within 7 days with clarifications.
Thank you,
Shane McFadden, SPM Offering Management team
Note: We have improved your RFE experience and transitioned to an Ideas Portal provided by our trusted business partner Aha!
Hi Priyabrata,
Thank you for taking the time to share your ideas with us. We are committed to involving our users in building our product roadmap and appreciate your suggestions.
We will review the information you have provided and get back to you within 30 days. If additional details are required in order to complete our evaluation, we will send you a request for more information.
Thank you,
Shane McFadden, SPM Offering Management team
You can find more information on the request process here.
Note: we are currently in the process of improving your RFE experience and will soon transition to an Ideas Portal provided by our trusted business partner Aha!
Further communications with additional details will be shared shortly.