Transfer Files by External SFTP

How to configure and test the SFTP host, web proxy, and integrations for external SFTP connections.

You can connect integrations to third-party, external SFTP accounts as follows:

  • Inbound and outbound files can be exchanged between the atom cloud and external SFTP servers.
    • Caution:

      Do not change the name of the folder from Inbound. Additional or differently named folders are not supported by .

    • Caution:

      Do not change the name of the folder from Outbound. Additional or differently named folders are not supported by .

  • Configure the SFTP Connector for automated file transfers.
  • Configure encryption with different public and private keys for each integration.
  • You can limit access to external SFTP servers by not adding the servers as endpoints to the approval list for that tenant.

Limitations

You can manage connection details, public and private keys, encryption, and decryption only from the Integration Template Designer (the Boomi application).

The following integrations features are not supported:

  • You cannot manage or test external SFTP connections from Integrations Setup > Connections.
    • You get a Connection to the server failed error.
    • You cannot create sub-folders for each integration.
  • Run Summary cannot access the source and generated output files that are processed over external SFTP connections.
    • If you try to download the .zip file, you get a Could not download the file because of connection issue or file may not exist error.
  • Manage SFTP cannot access files on external SFTP connections for download or upload.
    • You get a Could not connect to SFTP Connection {ConnectionName} error.
    • You cannot access a local copy of the generated output or source files.
  • You cannot migrate keys when you clone or refresh tenants.

Add the SFTP hosts to the allowlist

Each SFTP host must be added to the allowlist at the proxy.

Note: Only SFTP servers can be added to the allowlist, not FTP servers.

Submit a Salesforce ticket to add the external SFTP server to the allowlist. Use the following template:

Case Subject: Allow access for External SFTP from WFD proxy/Network.

Case Description: Add to allowlist external SFTP endpoint transfer.{CompanyName}.com and [10.236.0.0].

Note: For multiple SFTP endpoints, provide a list in CIDR (classless inter-domain routing) format of the endpoints and the corresponding IP addresses or IP ranges. Example: 10.236.0.0/16

Test the external SFTP connection and create folders

(Optional)

  1. Connect to the external SFTP server by way of an SFTP client.

    Examples: WinSCP, FileZilla

  2. Make sure that the connection is successful.
  3. Create an SFTP folder.
  4. Create the Inbound(for import integrations) or Outbound(for export integrations) directory with the following permissions:
    • Owner: Read (R), Write ( W), Delete (X). Do not select Set UID.
    • Group: Read (R), Write ( W), Delete (X). Do not select Set GID.
    • Others: Read (R), Write ( W), Delete (X). Do not select Sticky bit.

Configure the SFTP web proxy

Configure the web proxy to the external SFTP server.

  1. If the Integration Template Designer is not open, select Main Menu Administration > Application Setup > Integrations Setup > Design Integration Templates.
  2. Select the Build tab.
  3. Navigate to the integration.
  4. Select Connectors > SFTP > Connections.
  5. Right-click the {IntegrationProcessName}_SFTPServer, and select Open Component.
  6. Select the SFTP Host tab.
  7. In Choose Proxy Type, select ATOM.
  8. Click Tap Save and Close.

Create and deploy integration components

Integrations
  1. Select Main Menu > Administration > Application Setup > Integrations Setup > Design Integration Templates.
  2. Select the Build tab.
  3. Navigate to the integration.
  4. Select Processes.
  5. Scroll to the main process which is at the bottom of the list of processes. Example: PayrollExport-v1
  6. Right-click the process and select Open Component.
  7. In the process view, click tap Create Package Component.
  8. Click Tap Next.
  9. Enter a Version Number.
  10. Click Tap Create Package.
  11. Click Tap Deploy.
  12. Select the Deployment Environment to deploy the packaged components.
  13. (Optional) Enter Deployment Notes.
  14. Click Tap Next.
  15. Click Tap Next Review.
  16. Click Tap Deploy.
  17. Do one of the following:
    • In Deployment Successful, click tap View Deployments.
    • Click Tap Close.

Configure import integrations

Configure the import integrations for the Inbound directory.

  1. Configure environment extensions:
    1. Select the Manage tab > Atom Management.
    2. Navigate to and select your tenant.
    3. In Administration, click tap Environment Extensions.
    4. In Process Filter, click tap the magnifying glass Search button. It can take several seconds before the button becomes active.
    5. Scroll to and select the integration pack. Example: PeopleImport-v1.
  2. Configure connection settings:
    1. Select Connection Settings.
    2. From the Connection dropdown list, select and configure the following:

      Connection Settings

      Connection Settings for external SFTP for import integrations

      Setting

      Required

      Actions

      APIGatewayServer

      Required

      To change the default API gateway server:

      1. Clear Use Default.
      2. Enter the URL to the server.

        Example: <tenantURL>/api

      Use the format: https://{tenant_vanity_url}/api

      SFTPServer

      Required

      Change the default SFTP server parameters to those of the external SFTP server:

      1. For each field, clear Use Default.
      2. Enter the following values:

        In Host, enter the SFTP host name.

        In Port, enter 22.

        In User, enter the username for the SFTP account.

        In Password, select <Encrypted>. Enter the new password for the SFTP account. Click Tap Apply.

  3. Configure process properties:
    1. Select Process Properties.
    2. From the Process Property dropdown list, select AuthenticationProperties to set the properties to connect to the authentication server and get the access token to execute APIs.
      • In GatewayDefaultPort, clear Use Default. Enter 9001 for the path to the port for the API gateway.
      • Note: You no longer need an AppKey to call API operations. If one is defined, it is ignored.
    3. From Process Property, select {integrationName}_SFTPProperties.

      Process Properties

      Process Properties for external SFTP for import integrations

      Property

      Required

      Actions

      SourceDirectory

      Required

      The directory path on the SFTP server where the integration process reads the file.

      Define the following directory path:

      1. Clear Use Default.
      2. Enter /Inbound.
        Caution:

        Do not change the name of the folder from Inbound. Additional or differently named folders are not supported by .

      _DestinationDirectoryPath

      Not required

      Leave at the default setting of true to use the default directory on the SFTP server where the destination file is archived after processing.

      _MoveProcessedFileToDirectory

      Not required

      Leave at the default setting of true to use the default directory on the SFTP server to move the destination file after data is successfully processed.

      _DeleteSourceFileAfterReading

      Not required

      Leave at the default setting to not delete the source file after processing.

      SourceFileName

      Required

      Define the file that contains the data to import:

      1. Clear Use Default.

      2. Enter the filename. Use a .csv extension.

        You can use the asterisk ( *) or question mark (?) as wildcard characters to enter patterns of file names so that the integration reads only files that have names that match this filter.

        Example: PeopleImport_Dept003.csv

    4. From Process Property, select {integrationName}_ProcessProperties.
      1. Select the required fields that you need to import.
      2. For EnableTransactionAssistant, clear Use Default to not submit import errors to the Transaction Assistant. Select Value.
    5. Click Tap OK.

Configure export integrations

Configure the export integrations for the Outbound directory.

  1. Configure environment extensions:
    1. Select the Manage tab > Atom Management.
    2. Navigate to and select your tenant.
    3. In Administration, click tap Environment Extensions.
    4. In Process Filter, click tap the magnifying glass Search button. It can take several seconds before the button becomes active.
    5. Scroll to and select the integration pack. Example: PayrollExport-v1.
  2. Configure connection settings:
    1. Select Connection Settings.
    2. From the Connection dropdown list, select and configure the following:

      Connection Settings

      Connection Settings for external SFTP for export integrations

      Setting

      Required

      Actions

      APIGatewayServer

      Required

      To change the default API gateway server:

      1. Clear Use Default.
      2. Enter the URL to the server.

        Example: <tenantURL>/api

      Use the format: https://{tenant_vanity_url}/api

      SFTPServer

      Required

      Change the default SFTP server parameters to those of the external SFTP server:

      1. For each field, clear Use Default.
      2. Enter the following values:

        In Host, enter the SFTP host name.

        In Port, enter 22.

        In User, enter the username for the SFTP account.

        In Password, select <Encrypted>. Enter the new password for the SFTP account. Click Tap Apply.

  3. Configure process properties:
    1. Select Process Properties.
    2. From the Process Property dropdown list, select AuthenticationProperties to set the properties to connect to the authentication server and get the access token to execute APIs.
      • In GatewayDefaultPort, clear Use Default. Enter 9001 for the path to the port for the API gateway.
      • Note: You no longer need an AppKey to call API operations. If one is defined, it is ignored.
    3. From Process Property, select {integrationName}_SFTPProperties.

      Process Properties

      Process Properties for external SFTP for export integrations

      Property

      Required

      Actions

      OutputDirectory

      Required

      Directory on the SFTP server where the output file is archived after processing.

      Define the following directory path:

      1. Clear Use Default.
      2. Enter /Outbound.
        Caution:

        Do not change the name of the folder from Outbound. Additional or differently named folders are not supported by .

      AppendRecords

      Not required

      To append records to any previous payroll export file:

      1. Clear Use Default.
      2. Select Value.
    4. From Process Property, select {integrationName}_ProcessProperties.
    5. Select the required fields that you need to export.
    6. Click Tap OK.

Install the integrations

Note: For general instructions and more details, refer to the Install Integrations help topic.

The steps to install import and export integrations are the same for external and internal SFTP connections.

  1. Select Main Menu Administration > Application Setup > Integrations Setup > Install Integrations.
  2. Click Tap Create .
  3. Enter a unique and descriptive Integration Name.

    Examples: PeopleImport_ExtSFTP, PayrollExport_ExtSFTP

  4. Do not select API Integration.
  5. In File Access, select None.
  6. In Scheduling Configuration > Skip Configuration, select None.
  7. Scroll to Integration Template and do the following:
    1. Click Tap Refresh.
    2. Select the integration template from the table.
    3. Click Tap Assign .
  8. Scroll to Integration parameters and configure the parameters or external files that are required when you run or schedule the integration.
  9. Click Tap Save.
  10. Configure the GDAP for the people who need to run the installed integrations; refer to the Configure Access to Integrations help topic.
  11. Repeat for other integrations.

Run the integrations

Run each integration to test that the configuration is correct.

  1. Navigate to the following directory of the external SFTP server:
    • /Inbound for import integrations
    • /Outbound for export integrations
  2. Make sure that the required CSV files are in that directory.
  3. Run each of the import and export integrations and check the results.
    1. Select Main Menu > Maintenance > Integrations.
    2. Click Tap Run an Integration .
    3. Select the integration from the list. Click Tap Select.
    4. Set parameters — Select or enter any parameters or files that are required. Required and optional parameters, and external files vary by integration.
    5. Click Tap Run Integration.
    6. Wait for the confirmation that the integration completed or failed. Close the panel. Click Tap Refresh .
    7. To see details, select the integration run. Select Run Summary.