Missing Request Parameter (connection_idle_timeout) from ibmsecurity & ISAM Role

[Virtualizestuff]

Environment:

ISVA Version: 10.0.8.0
Model: Docker

ansible-galaxy collection list
Collection              Version
----------------------- -------
ibm.isam                3.5.0  

pip show ibmsecurity
Name: ibmsecurity
Version: 2025.12.11.0
Summary: Idempotent functions for IBM Security Appliance REST APIs
Home-page: https://github.com/IBM-Security/ibmsecurity
Author: IBM
Author-email: IBM <secorch@wwpdl.vnet.ibm.com>
License-Expression: Apache-2.0
Location: /opt/venv/lib/python3.11/site-packages
Requires: cryptography, filelock, importlib-metadata, jmespath, jsonschema, packaging, pathspec, python-dateutil, pyyaml, PyYAML, requests
Required-by: 

Problem Statement

Both the Ansible Collection and IBMSecurity module is missing a required request parameter connection_idel_timeout according the API guide:

• https://ibm-security.github.io/apidocs/verifyaccess/10.0.8.0/ISVA-mgmt-rest-api/docker/Update_the_current_distributed_session_cache_policy.xml

I created an ansible playbook that uses URI and includes the connection_idle_timeout pass in the required parameters and it works. So looks like the role and the module (ibmsecurity) needs to be updated.

- name: "Build desired configuration"
      ansible.builtin.set_fact:
        dsc_desired_config:
          worker_threads: "{{ dsc_config.worker_threads | int }}"
          max_session_lifetime: "{{ dsc_config.max_session_lifetime | int }}"
          client_grace: "{{ dsc_config.client_grace | int }}"
          connection_idle_timeout: "{{ dsc_config.connection_idle_timeout | int }}"
          service_port: "{{ dsc_config.service_port | int }}"
          replication_port: "{{ dsc_config.replication_port | int }}"
          servers: "{{ dsc_servers_configured }}"
      tags: [configure_dsc]

 - name: "Update DSC configuration via REST API"
      ansible.builtin.uri:
        url: "https://{{ inventory_hostname }}:{{ ansible_isam_port | default(9443) }}/isam/dsc/config"
        method: PUT
        user: "{{ ansible_isam_username }}"
        password: "{{ ansible_isam_password }}"
        force_basic_auth: yes
        validate_certs: no
        body_format: json
        headers:
          Content-Type: "application/json"
          Accept: "application/json"
        body: "{{ dsc_desired_config }}"
        status_code: [200, 204]
      register: dsc_update_result
      when: dsc_needs_update | bool
      tags: [configure_dsc]

Module and Role that require updating:

• ibmsecurity/ibmsecurity/isam/base/dsc.py

  Line 28 in ce6b4f2

  dsc_json = {

• https://github.com/IBM-Security/isam-ansible-collection/blob/9986efc8424f7deb1c1da84998cdb666e02ce9ab/roles/set_dsc_config/tasks/main.yml#L15

Error Message from Role:

[ERROR]: Task failed: Module failed: Error> action ibmsecurity.isam.base.dsc.set does not have the right set of arguments or there is a code bug! Options: isamAppliance=self.isam_server, force=False, service_port=2035, replication_port=2036, connection_idle_timeout=0, worker_threads=64, max_session_lifetime=3600, client_grace=600, servers=[{'ip': 'iviadsc1.demo.internal', 'service_port': 2035, 'replication_port': 2036}, {'ip': 'iviadsc2.demo.internal', 'service_port': 2035, 'replication_port': 2036}, {'ip': 'iviadsc3.demo.internal', 'service_port': 2035, 'replication_port': 2036}, {'ip': 'iviadsc4.demo.internal', 'service_port': 2035, 'replication_port': 2036}]

[tombosmansibm]

Thanks for opening this issue, I'll add these parameters.

[Virtualizestuff]

Thanks Tom, when I tried calling the api without the connection_idel_timeout it actually tells you its required:

fatal: [iviaconfig.demo.internal]: FAILED! => {"cache_control": "no-cache, no-store", "changed": false, "connection": "Close", "content_language": "en-US", "content_security_policy": "default-src 'self' 'unsafe-inline' 'unsafe-eval'", "content_type": "application/json", "date": "Thu, 22 Jan 2026 12:43:03 GMT", "elapsed": 0, "expires": "Thu, 01 Dec 1994 16:00:00 GMT", "json": {"message": "A required parameter is missing: connection_idle_timeout"}, "msg": "Status code was 400 and not [200, 204]: HTTP Error 400: Bad Request", "pragma": "no-cache", "redirected": false, "set_cookie": "JSESSIONID=00003glMNiHPcLib7rk9oETPsJ7:17293766-81d1-4a00-a841-690ad32318d7; Path=/; Secure; HttpOnly; SameSite=Strict", "status": 400, "strict_transport_security": "max-age=31536000; includeSubDomains", "transfer_encoding": "chunked", "url": "https://iviaconfig.demo.internal:9443/isam/dsc/config", "x_content_type_options": "nosniff", "x_frame_options": "SAMEORIGIN", "x_xss_protection": "1; mode=block"}

[tombosmansibm]

Updated the ibmsecurity code (and pypi)

For the role update, this takes more time.