SecureTransport SFTP, FTP, HTTP flow definition

The following tables describe the fields and parameters available in flow definition in SecureTransport when it is used as a relay via SFTP, FTP or HTTP in Central Governance.

SecureTransport step definition mapping

The following tables describe fields in Central Governance and SecureTransport for received and send properties.

Receive properties: sender pushes files

Central Governance section Central Governance field Central Governance API receiveCommonProperties SecureTransport field Comment
File properties Directory propertiesForSources > directory Subscription > Subscription folder The directory represents the path where the sender can push files on SecureTransport. If in the same account there is another subscription (created outside Central Governance) with the same folder, the flow deployment will fail. You must review the Directory value.
File properties Receive file as receiveFileAs Transfer Profiles > Receive file as Location and filename of the file after being received by the ST
File properties File type fileType: binary/text/ebcdic/ebcdic_native Transfer profiles > Transfer mode    
File properties Record type recordType: Variable/Fixed Transfer profiles > Record Format  
  Maximum record length maxRecordLength

Transfer profiles > Record Length

 
Post-reception actions On failure onFailure: no/move/delete/ onFailureMoveDirectory: <directory_name> or void Subscription > Post Transmission Settings > On failure Actions are applied to files that failed to arrive to the directory set before.

Receive properties: SecureTransport pulls files from the sender

Central Governance section Central Governance field Central Governance API > receivecommonProperties SecureTransport field Comment
File properties Remote directory propertiesForSources > remoteDirectory Transfer Site > Download folder Represents the folder on the sender from where SecureTransport pulls files.
File properties File filter Options: File Globbing/ Regular Expression propertiesForSources > remoteDirectory Download patternFile Globbing/ Regular Expression Represents the filter on files SecureTransport pulls from the remote directory.
File properties Directory propertiesForSources > directory Subscription > Subscription folder The directory represents where SecureTransport saves files pulled from the sender.
File properties

Scheduler

Options:

Recurrence

Occurence:

Every/Specific times

schedulerType: Unique/Recurring RecurrenceType: Daily/Weekly/Monthly/Yearly fromDateRecurr fromTimeRecurr toDateRecurr toTimeRecurr occurenceType: Every/Specific dailyOccurenceEveryType dailyOccurenceEveryValue recurenceTimes Subscription > For Files Received from this Account or its Partners > Schedule Used to set a schedule for automatic retrieval of files from the sender.
If the start date of the scheduler is earlier than the SecureTransport system data at deployment time, the flow deployment on SecureTransport fails.
Post-reception actions On failure onFailure: no/move/delete/ onFailureMoveDirectory: <directory_name> or void Subscription > Post Transmission Settings > On failure Actions are applied to files that failed to arrive to the directory set before.

File processing properties

Central Governance section Central Governance field Central Governance API > fileOptions > stepsCollection SecureTransport field Comment

Common fields

Description

description

 

Not deployed on SecureTransport

 

File filter set to File globbing with no value

fileFilterExpressionType

Name filter: Process all files

 

 

File filter=File globbing/Regular expression with a filter_value

fileFilterExpression

Name filter: Process files based on a file name pattern

Pattern type: File Globbing/Regular expression

File name pattern: filter_value

 
    type: COMPRESSION/    

Compression

Algorithm

compressionAlgorithm: ZIP/

Compression algorithm

 

 

Level

compressionLevel: NORMAL

Compression level

Displays when algorithm is a zip, jar, or gzip.

 

Use archive password

compressionRadioPasswordEnable: false/true

Password for protected file

Displays when algorithm is a zip file.

 

Archives: Single/Multiple

compressionArchives: SINGLE/MULTIPLE

Compress all files into a single archive

Present when algorithm is zip, jar or tar

 

Archive name

compressionArchivesSingle compressionArchivesMultiple

Output file names

 

Decompression

Use archive password

decompressionRadioPasswordEnable decompressionLoginCredentialId

Password for protected file

 

 

Rename file as

decompressionRenameFile

Output file names

 

PGP Encryption

Operations

pgpEncryptionOperations: ENCRYPT/SIGN/ENCRYPT_AND_SIGN

PGP Settings

Choose whether to encrypt, sign, or both.

 

Encryption key with PGP public key

pgpEncryptionKeyAlias encryptionKeyId

Encryption Settings:

Select an Account= current account name

Encrypt Using PGP Key: public certificate name

Certificate is uploaded in Account > certificates > public certificates

  • Select a previously uploaded encryption key (used in another flow) for the same SecureTransport/receiver pair.
  • Upload a new encryption key.

 

Signing key with PGP private key

pgpEncryptionSignatureKeyAlias signatureKeyId

Signature settings:

Select an Account = current account name

Sign using PGP key: private certificate name

Certificate is uploaded in Account > certificates > private certificates

 

 

Compression

pgpEncryptionCompression: NO/USE_PREFERRED/ZIP/ZLIB/BZIP2

Compression settings: Type

 

 

Compression level

pgpEncryptionCompressionLevel: FAST/NORMAL/GOOD/BEST

Compression settings: Level

 

 

Encode using ASCII anchor

pgpEncryptionCompressionLevel: FAST/NORMAL/GOOD/BEST

Encode Using ASCII Armor

 

 

Rename file as

pgpEncryptionRenameFile

Output file names

 

PGP Decryption

Decrypt: Always

pgpDecryptionDecryptFiles: ALWAYS

Require Encryption: Enabled

 

 

Decrypt: Only if Encrypted or None

pgpDecryptionDecryptFiles: ONLY_IF_ENCRYPTED NONE

Require Encryption: Disabled

  • Use Only if Encrypted to deploy a new decryption key on the SecureTransport.
  • Use None if you do not want to deploy a new decryption key on SecureTransport.

 

Decryption key with PGP private key

pgpDecryptionDecryptionKeyAlias decryptionKeyId

Certificate is uploaded in Account > certificates > private certificates

  • Select a previously uploaded decryption key (used in another flow) for the same sender /SecureTransport pair.
  • Upload a new decryption key.

 

Verify file signature: Always

pgpDecryptionVerifyFileSignature: ALWAYS

Require Trusted signature: Enabled

 

 

Verify file signature: Only if signed or None

pgpDecryptionVerifyFileSignature: ONLY_IF_ENCRYPTED NONE

Require Encryption: Disabled

  • Use Only if Encrypted to deploy a new verification key on the SecureTransport .
  • Use None if you do not want to deploy a new verification key on SecureTransport.

 

Verification key + PGP public key

pgpDecryptionSignatureVerificationKeyAlias verificationKeyId

Certificate is uploaded in Account > certificates > public certificates

  • Select a verification key that was previously uploaded in another flow for the same sender /SecureTransport pair.
  • Upload a new verification key.

 

Rename file as

pgpDecryptionRenameFile

Output file names

 

Encoding conversion

Source encoding

sourceEncoding

File encoding: Source file encoding

 

 

Target encoding

targetEncoding

File encoding: Output file encoding

 

 

Rename file as

renameFile

Output file names

 

Line ending

Source: End of Record Character

lineEndingSourceEndCharacter

Source file settings: Line Ending format

 

 

Source: Encoding

sourceEncoding

Source file settings: File Encoding

 

 

Target: End of Record Character

lineEndingTargetEndCharacter

Target file settings: Line Ending format

 

 

Target: Encoding

targetEncoding

Target file settings: File Encoding

 

 

Rename file as

renameFile

Output file names

 

Line folding

Fold width

fileFoldWidth

Line folding: Line fold width

 

 

Source encoding

sourceEncoding

File encoding: Source file encoding

 

 

Target encoding

targetEncoding

File encoding: Output file encoding

 

 

Rename file as

renameFile

Output file names

 

Line truncating

Truncate length

lineTruncateLength

Line truncating: Truncate length

 

 

Source encoding

sourceEncoding

File encoding: Source file encoding

 

 

Target encoding

targetEncoding

File encoding: Output file encoding

 

 

Rename file as

renameFile

Output file names

 

Line padding

Line length

lineLength

Line padding: Predefined line length

 

 

Padding character

paddingCharacter

Line padding: Line padding character

Padding character is a valid Unicode escape sequence.

 

Source encoding

sourceEncoding

File encoding: Source file encoding

 

 

Target encoding

targetEncoding

File encoding: Output file encoding

 

 

Rename file as

renameFile

Output file names

 

Character replacement

Find lines with

findSequence

Find/Replace: Find

 

 

Delete found lines

deleteFoundLinesRadioEnable

Strip lines starting with start string

 

 

Replace with

replaceSequence

Find/Replace: Replace

 

 

Source encoding

sourceEncoding

File encoding: Source file encoding

 

 

Target encoding

targetEncoding

File encoding: Output file encoding

 

 

Rename file as

renameFile

Output file names

 

External script

Filename

externalScriptFileName

Script settings: External Script Path

Absolute path to an external script.

 

Redirect output to Server log

externalScriptRedirectOutput

Log script’s standard output to Server log

 

Send properties: SecureTransport pushes files to receiver

Central Governance section Central Governance field Central Governance API - sendCommonProperties SecureTransport field Comment
File properties Remote directory propertiesForSources > remoteDirectory Route Package > Route for receiver > Transfer settings > Step: Send to partner > Overwrite upload folder Represents the folder on the receiver where SecureTransport pushes files.
File properties File name sent fileNameSent Route Package > Route for receiver > Step: Send to partner > Transfer settings > Route file as Rename files to be routed to the receiver.
File properties File filter:Options: File Globbing/Regular Expression expressionvalue expressiontype Route Package > Route for receiver > Step: Send to partner > File filter If set, represents the filter on files SecureTransport pushes to the remote directory.
Archive files On failure: Default/Enabled/Disabled archiveFilesOnFailure: default/enabled/disabled Route Package > Route for receiver > Step: Send to partner > Post routing actions >Archive files on failure The Central Governance setting is deployed on SecureTransport even if archiving is not enabled globally. It has an effect when the global archiving policy is enabled on SecureTransport.
Archive files On success: Default/Enabled/Disabled archiveFilesOnSuccess: default/enabled/disabled Route Package > Route for receiver > Step: Send to partner > Post routing actions >Archive files on success The Central Governance setting is deployed on SecureTransport even if archiving is not enabled globally. It has an effect when global archiving policy is enabled on SecureTransport.
Post-sending actions > Post-routing(local) On failure onFailure: no/move/delete/ onFailureMoveDirectory: <directory_name> or void Subscription > Post Processing Settings > On failure Actions are applied to files that failed to be sent to the receiver.
Post-sending actions > Post-routing(local) On success onSuccess: no/move/delete/ onSuccessMoveDirectory: <directory_name> or void Subscription > Post Processing Settings > On success Actions are applied to files that were sent successfully to the receiver.
Post-sending actions > Post-transmission (remote) On failure onFailure: no/move/delete/ onFailureMoveDirectory: <directory_name> or void Transfer site > Post Transmission Settings > On Failure

Actions are applied to files that failed to be sent to the receiver.

  • SFTP: no / move / delete
  • HTTP: no / delete
  • FTP: no / move / delete
Post-sending actions > Post-transmission (remote) On success onSuccess: no/move/ onSuccessMoveDirectory: <directory_name> or void Transfer site > Post Transmission Settings > On Success

Actions are applied to files that were sent successfully to the receiver.

  • SFTP: no / move / Allow overwrite existing file
  • HTTP: N/A
  • FTP: no / move

Send properties: receiver pulls files

Central Governance section Central Governance field Central Governance API >propertiesForTargets > properties and commonProperties SecureTransport field Comment
Transfer properties File exists FileExistsAction: fail_operation/replace_existing_file/rename_existing_file/use_different_name/append_to_existing_file Route Package > Route for receiver > Transfer settings > Step: Publish to account > Target settings: Collision settings
Cancel(Default) > Fail operation
Overwrite > Replace existing file
Rename existing file > Rename existing file
Rename transferred file > Use a different file name to publish the file
Append > Append to existing file
This field is used in detecting duplicate transfers on the remote directory.
File properties Remote directory directory Route Package > Route for receiver > Transfer settings > Step: Publish to account > Target settings > Folder The directory represents the path where SecureTransport publishes files to the receiver.
File properties Publish file as publishFileAs Route Package > Route for receiver > Transfer settings > Step: Publish to account > Target settings > Publish file as Represents the name of the published file.
File properties File filter: Options: File Globbing/Regular Expression fileFilterExpressionType fileFilterExpression Route Package > Route for receiver > Step: Publish to partner > File filter If set, represents the filter on files SecureTransport publishes to partner.
Post-sending actions > Post-routing(local) On failure onFailure: no/move/delete/ onFailureMoveDirectory: <directory_name> or void Subscription > Post Processing Settings > On failure Actions are applied to files that failed to be pulled by the receiver.
Post-sending actions > Post-routing(local) On success onSuccess: no/move/delete/ onSuccessMoveDirectory: <directory_name> or void Subscription > Post Processing Settings > On success Actions are applied to files that were pulled successfully by the receiver.
Post-sending actions > Post-transmission (remote) On failure onFailure: no/move/delete/ onFailureMoveDirectory: <directory_name> or void Transfer site > Post Transmission Settings > On Failure

Actions are applied to files that the server failed to pull.

  • SFTP: no / move / delete
  • HTTP: no / delete
  • FTP: no / move / delete
Post-sending actions > Post-transmission (remote) On success onSuccess: no/move/ onSuccessMoveDirectory: <directory_name> or void Transfer site > Post Transmission Settings > On Success

Actions are applied to files that were pulled successfully by the receiver.

  • SFTP: no / move / Allow overwrite existing file
  • HTTP: N/A
  • FTP: no / move
Post-download actions On success onSuccessPostDownload: no/delete/ Subscription > Post Client Download Actions > On success Actions are applied to each file downloaded from the directory where SecureTransport received files from the sender.
Archive files On failure: Default/Enabled/Disabled archiveFilesOnFailure: default/enabled/disabled Route Package > Route for sender > Step: Send to partner > Post routing actions >Archive files on failure The Central Governance setting is deployed on SecureTransport even if archiving is not enabled globally. It has an effect when the global archiving policy is enabled on SecureTransport.
Archive files On success: Default/Enabled/Disabled archiveFilesOnSuccess: default/enabled/disabled Route Package > Route for sender > Step: Send to partner > Post routing actions >Archive files on success The Central Governance setting is deployed on SecureTransport even if archiving is not enabled globally. It has an effect when global archiving policy is enabled on SecureTransport.

Central Governance updates to SecureTransport objects

The following tables describe whether objects deployed on SecureTransport have updates available from Central Governance for transfers.

Account definition

The account represents a part of the flow that communicates directly with the SecureTransport relay: the sender that sends files to SecureTransport or the receiver that pulls files from SecureTransport.

The account is created on SecureTransport when:

  • The sender pushes files to SecureTransport over SFTP, FTP or HTTP or SecureTransport pulls files from sender.
  • The receiver pulls files from SecureTransport.
Field Central Governance deployed value Update from Central Governance
Name If the account represents a part of the flow that acts as a client (push files to SecureTransport or pulls files from SecureTransport): client login. The value is taken from the protocol definition between SecureTransport and client. When SecureTransport pulls files from the sender, the account name is the name of the sender. Yes
Email contact Taken from the contact information of the part of the flow. Yes
Phone contact Taken from the contact information of the part of the flow. Yes
Account Type Unspecified No
Business unit SecureTransport step, Receive properties > Business Unit Yes
Routing Mode Ignore. Yes
Encrypt Mode Unspecified. No
UID SecureTransport step, Receive properties > UID Yes
GID

SecureTransport step, Receive properties > GID

Yes
Home Folder Taken from SecureTransport settings: Accounts > Business Units > Base Home Folder No
Home Folder Access Level

Public for PESIT login accounts

Business Unit for all other accounts created by Central Governance

Yes
Notes N/A No
Adhoc Settings: Delivery Method Disabled No
Allow this account to login to SecureTransport Server Is enabled only if the sender or receiver is an SFTP client for SecureTransport. Yes
Login Name The name of the account.  
Allow this account to login by email No No
Allow this account to submit transfers using the Transfers RESTful API No No
Password is stored locally (not in external directory) Yes No
Password If SecureTransport acts as server and the client authenticates via login and password: taken from the client communication profile from the protocol definition.
No*
Require user to change password on next login Taken from SecureTransport settings: Setup > Central Governance > Expire password on account creation. No
Require user to change password every X days No No
Lock account after y failed login attempts Taken from SecureTransport settings: Setup > Central Governance > Failed login attempts before account is locked. No

* The certificate is updated if needed.

Transfer site definitions

See:

Subscription

The subscription is always created in the sender account, from the CentralGovernanceApplication.

Field Central Governance deployed value Update from Central Governance
Subscription folder SecureTransport Step, Receive properties, Directory. Yes
Automatically Retrieve Files From Yes when SecureTransport pulls files from the sender. Otherwise No. Yes
Automatically Retrieve Files From Transfer Site The transfer site created for the sender only when SecureTransport pulls files from the sender. Yes
Schedule SecureTransport Step, Receive properties, Scheduler. Yes
Transfer profile <empty> Yes
Routing Options Trigger Settings
Trigger file processing based on condition No. No
Submit for processing All files in the subscription folder. No
Post Transmission Settings
On Temporary Failure Delete No
On Failure SecureTransport Step, Receive properties, Post-reception actions, On failure. Yes
Post Client-Download Actions
On Success No action No
Post Routing Settings
On Failure SecureTransport Step, Send properties, Post-sending actions, Post-routing (local), On failure. Yes
On Success SecureTransport Step, Send properties, Post-sending actions, Post-routing (local), On failure. Yes

Route package

The route package is always created in the sender account. It is created starting from the CentralGovernanceRouteTemplate. It contains information about how SecureTransport routes files received from senders to receivers.

Field Central Governance deployed value Update from Central Governance
Name <flow name> Yes
Description Managed by Central Governance. Changing it can corrupt already deployed Central Governance flows. Yes
Subscriptions Link the subscriptions generated for each receiver. Yes
Inherited Settings Not set. No
Specific Settings
Execution Rule All Matching Routes. No
Routes See Route. Yes
Notifications
Notify following e-mails on route failure Disabled. Yes
Notify following e-mails on route success Disabled. Yes

Route

A route in the route package corresponding to the flow is managed for each receiver.

Field Central Governance deployed value Update from Central Governance
Name <sender name>-<receiver name> Yes
Description Managed by Central Governance. Changing it can corrupt already deployed Central Governance flows. Yes
Condition SecureTransport Step, File processing, Condition. If the user does not set a value in Central Governance, the value deployed on SecureTransport is Always. No
Notifications
Notify following e-mails on route failure Disabled. Yes
Notify following e-mails on route success Disabled. Yes
Step: Send to Partner Managed only when the direction between SecureTransport and the receiver is sender pushes files. Yes
File filter SecureTransport Step, Send properties, File filter. Yes
Proceed with route execution on step failure N/A ( SecureTransport default value: Yes) No
Transfer Settings
Select an account If SecureTransport pushes files to the receiver over SFTP, FTP or HTTP, option is Use current account.
Else (SecureTransport pushes files over PeSIT), option is Specify an account name; Account is <Receiver account>.
Yes
Account Transfer Site The transfer site generated for the receiver. Yes
Transfer Profile Available only if the protocol between SecureTransport and receiver is PeSIT. The value is the transfer profile generated for the receiver Yes
Configure advanced PeSIT settings Enabled only if the protocol between SecureTransport and receiver is PeSIT. Yes
Overwrite upload folder SecureTransport Step, Send properties, File properties, Remote folder. Yes
Route file as SecureTransport Step, Send properties, File properties, Sent file as. Yes
Send trigger file N/A (SecureTransport default value: No). No
Max number of parrallel transfers: N/A (SecureTransport default value: 4). No
Retry Settings N/A (SecureTransport default value: 5). No
Max number of retries: N/A (SecureTransport default value: 3000). No
Sleep between retries(in ms): N/A (SecureTransport default value: 2000). No
Sleep increment between retries(in ms) N/A No
Post Routing Action N/A (SecureTransport default value: No) No
Step: Publish to partner Managed only when the direction between SecureTransport and the receiver is receiver pulls files. Yes
File filter SecureTransport Step, Send properties, File filter. Yes
Proceed with route execution on step failure N/A (SecureTransport default value: Yes). No
Target Settings
Account Receiver account. generated
Folder SecureTransport Step, Send properties, File properties, Remote folder. Yes
Publish File as SecureTransport Step, Send properties, File properties, Publish File as. Yes
Collision settings SecureTransport Step, Send properties, Transfer properties, File exists. Yes

SSH keys

When SecureTransport relay acts as a client, pushing files to the receiver or pulling files from the sender, and it must authenticate via login and SSH key , you define in the flow definition the SSH key SecureTransport uses for authentication.

  • When SecureTransport pushes files to a receiver, the SSH key is imported in the private certificates list of the sender account and selected in the transfer site managed for defining the connection between SecureTransport and the receiver. Transfer site with name is <flowname><receiver name>.
  • When SecureTransport pulls files from a sender, the SSH key is imported in the private certificates list of the sender account and selected in the transfer site managed for defining the connection between SecureTransport and the sender. Transfer site with name is <flowname><sender name>.

When SecureTransport relay acts as a server — sender pushes files to SecureTransport or receiver pulls files from SecureTransportCentral Governance does not deploy the SSH key. It is defined in the server communication profile, and SecureTransport already manages it. SecureTransport must have the client public key, which is imported in the in Login Certificates on the account created for the client:

  • When sender pushes files to SecureTransport, the public key of the sender is imported in the sender account.
  • When receiver pulls files from SecureTransport, the public key of the receiver is imported in the receiver account.

 

Central Governance | Document Directory

Related Links