Cloud Management and AIOps


This is an IBM Automation portal for Cloud Management, Technology Cost Management, Network Automation and AIOps products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Delivered
Workspace Instana
Categories Access Control User Interface
Created by Guest
Created on Dec 6, 2024

RELATED IDEAS

User/Idle Session timeout should make currently open page unreadable

This is to improve Instana Security Footprint.

When Instana UI User/Idle Session timeout triggers, only a small red popup on top right is shown saying you need to reautenticate, but the currently open page is still readable , potenially exposing sensible information unintentionally to others.

This raises securiity concerns of some customers as the intention of this should be that the information after the timeout is not readably anymore either by e.g.

  • (A) blurring complete page together with current box or

  • (B) auto-redirect to login sceen or

  • (C) redirect to a neutral "timeout - you have to reauthenticate" page

I would consider B+C most secure solution.




Idea priority High
  • Guest
    Feb 18, 2025

    This is in progress to implement

    Reply
  • Guest
    Feb 4, 2025

    Thanks for mocking this up Holly.
    I think this makes sense from my perspective.

    It would be good to know if technically they can add copy to this kickback page.
    Failing that, I also think it could simply just return them to the login - with no indication of session timeout.
    I feel that is typical for many applications, so informing them might be a nice-to-have. But I could also be wrong here.

    Reply
  • Guest
    Feb 3, 2025

    Could we do a combo of options B & C above and redirect them to the login screen but add a specific reauthentication message there so they understand what happened?

    Something like one of the following:

    • "Your session has timed out. Please reauthenticate by signing in."

    • "It's time to reauthenticate. Please sign in."

      @DARREN WOODIWISS @Shaun Lynch what do you both think? Shaun, from a visual standpoint would we want to use notification styling or anything other than text similar to the current "Sign in" message? Thanks!

    Screenshot 2025...
    Screenshot 2025-02-03 at 4.31.37 PM.png
    Open full size
    Screenshot 2025-02-03 at 4.31.37 PM.png
    Reply
  • Guest
    Jan 30, 2025

    Hi @Guest could you post a screenshot of the message /page for context? Thanks!

    1 reply
  • Guest
    Jan 24, 2025

    Checking with content strategist @Holly King about prescribed messaging for this and @DARREN WOODIWISS about UX considerations.

    Reply
  • Guest
    Dec 9, 2024

    would be great to have this in instana 287, as one critical customer will install this in Jan 2025.

    Reply

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.