Skip to Main Content
HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

ADD A NEW IDEA

FILTER BY CATEGORY

My ideas: Security

Showing 238

Control over the setting "don't let administrator set Domino web/internet password to match Notes password" via Domino policy.

Administrator should have control over the setting "don't let administrator set Domino web/internet password to match Notes password" via Domino policy.
8 months ago in Domino / Security 1 No Plans to Implement

Export LTPAToken from Domino into Sametime V12

In Sametime V12 there is no connection anymore to a Domino server. The proxy does not import the LTPAToken automatically anymore. The documentation tells us the setup a temp. WebSphere-Liberty server and creates a LTPAToken. This is a workaround i...
8 months ago in Domino / Security 1 No Plans to Implement

Disabling local processes or external processes using the Domino Server

A way to disable executing local processes and commands on Domino using powershell, cmd, etc
8 months ago in Domino / Security 0 Assessment

Nonce checking for Domino Web Application

iNotes has the nonce checking feature for security purpose. This feature is also needed when using web application on Domino Server side. Currently, a web user can post the data to Domino Web Server by using crafted HTML files created from the cl...
8 months ago in Domino / Security 0 Under Consideration

Add Ability To Set Secure Cookie Attribute To Domino Server

Can the ability to set the Secure cookie attribute be added to the HCL Domino server? This could be done similar to the SameSite cookie attribute that was added to Domino version 12.0.x. Most HTTP servers provide the ability to set the Secure cook...
9 months ago in Domino / Security 1 Needs Review

API-Key Authentication for Domino Web Applications

Provide ability to create a API-Key records in names.nsf for third party applications to connect to Domino resources for various reasons (Mostly REST-API, Web agents, DAS, etc.) Right now customers provide a separate username password and the othe...
9 months ago in Domino / Security 1 Needs Review

SAML implementation, can be done safer?

1.) HCL Domino server 12.0.1 (and older) are missing SAML Artifact binding implementation/settings. It has just SAML POST binding :-( Hmm it also works SOAP and inside SAML POST binding, but SAML ARTIFACT binding didn't work for me at all. Is SAML...
10 months ago in Domino / Security 0 Needs Review

IDVault:Need increase one view to display all these archived user id file document

https://help.hcltechsw.com/domino/12.0.0/admin/vault_automatic_restart_id_sync.html?hl=id%2Carchived Now all user ID file documents display under the default "Vault Users" view For these archived user ID file, which display as ~UserName also in th...
10 months ago in Domino / Security 0 Needs Review

Prompt for user content before configuring notes client.

This is to control & monitor user and admin activity in terms of account access. ( just want user consent before configuring notes client on behalf of the user.). Basically, customer have MFA for notes, but none for lotus notes client security...
10 months ago in Domino / Security 1 No Plans to Implement

Option to select whether the LTPAToken should be completely removed/or usable when session has been completely ended.

When enabling Session authentication across servers, the token issued by a server can still be used even after the session has been completely ended on the server and on the browser. If a user issues a request to the server using the same token, y...
11 months ago in Domino / Security 0 Under Consideration