IBM Sustainability Software - Ideas Portal


This portal is to open public enhancement requests against the products and services belonging to IBM Sustainability Software. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Under review
Workspace IBM MAS - Dedicated & SaaS
Categories MAS SaaS
Created by Guest
Created on Nov 16, 2025

RELATED IDEAS

MAS 9+: Create a Separate Permission Set for User Session Management and UI Updates in MAS SaaS

Problem Statement

In MAS 9.1, critical administrative features such as User Session Management and Updating User Interface are bundled under Suite Administration permissions, which include System Configuration. For MAS SaaS customers, IBM SRE cannot grant this access (under IDP Management access) because it exceeds the intended scope and introduces unnecessary elevated privileges. This prevents customers from using these features for operational and compliance purposes.

Proposed Solution

Create a separate permission set that includes the following:

User Session Management

  • View active sessions

  • Force user logouts

Updating User Interface

  • Ability to update UI elements such as CSS customization

This permission set should exclude System Configuration and other unrelated administrative capabilities, allowing roles like MAXADMIN or nominated customer administrators to manage these tasks securely.

This permission set should also not impact existing other permission sets which currently allows users with sufficient permissions like MAXADMIN to manage users and view license consumption.

Business Value

  • Security: Grants only necessary privileges, reducing risk of misconfiguration.

  • Operational Efficiency: Enables customers to manage sessions, monitor license usage, and update UI without relying on IBM SRE.

  • Compliance: Supports audit and governance by providing visibility into license consumption.

  • Customer Satisfaction: Reduces friction and dependency on IBM support for routine administrative tasks.

Impact

Decoupling these permissions will:

  • Improve usability for MAS SaaS customers

  • Reduce support cases and escalation during critical events

  • Align MAS SaaS with best practices for least-privilege access

Idea priority Low
Needed By Month
  • Post comment

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.