Shape the future of IBM watsonx Orchestrate

Start by searching and reviewing ideas others have posted, and add a comment (private if needed), vote, or subscribe to updates on them if they matter to you.

If you can't find what you are looking for, create a new idea:

  1. stick to one feature enhancement per idea

  2. add as much detail as possible, including use-case, examples & screenshots (put anything confidential in Hidden details field or a private comment)

  3. Explain business impact and timeline of project being affected

[For IBMers] Add customer/project name, details & timeline in Hidden details field or a private comment (only visible to you and the IBM product team).

This all helps to scope and prioritize your idea among many other good ones. Thank you for your feedback!

Specific links you will want to bookmark for future use
Learn more about IBM watsonx Orchestrate - Use this site to find out additional information and details about the product.
Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.
IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.
ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add idea Subscribe
Status Delivered
Created by Guest
Created on Aug 29, 2025

RELATED IDEAS

Outbound access policy configuration to control which API endpoints agents/tools can access

In industries with elevated compliance & security requirements there is often a need for multi-layered security.

Currently Orchestrate's security model makes the assumption that the builder role is fully trusted.

What happens if a builder through either malicious intent or error creates a tool & establishes a connection to an unauthorised API endpoint?

With auditing of events we can see after the fact what happened, however currently there is nothing to prevent this from occurring.

Idea is for implementing some form of policy based control to agents/tools/connections so that they can only connect to API endpoints (hostname, IP address, port, etc) on an allow-list maintained by an admin role.

Idea priority Urgent
  • Post comment
2 MERGED

Restrict what endpoints a tenant is able connect with

Merged
Admins need a way to manage which external URLs or APIs agents can access. The ability to approve outbound connections would make it easier to keep integrations secure and compliant with company policies while still getting the benefits of SaaS.
8 months ago in  Delivered
2 MERGED

Restrict API access by role / network access

Merged
Organizations need the ability to restrict API access based on defined roles and network policies. Allowing teams to limit who can invoke specific APIs—and from which IP addresses—would strengthen security, prevent unauthorized use, and ensure tha...
8 months ago in  Delivered

By clicking the "Post Comment" or "Add Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not include IBM confidential, company confidential, or personal information in any field.
Having problems accessing this portal? Describe the problems in an email to ideasibm@us.ibm.com.