SFTP · Digital Onboarding

SFTP access for importing data is currently a beta feature. It is available by invitation only.

The same functionality that is available via the batch uploaders in the application is available via automated uploads using our SFTP service.

Getting Started

You need to register SSH keys with our system to gain access to the SFTP service. There is no limit to the number of keys you can have in service at a time. So if you want to upload from multiple sources each one can have its own unique key that can be individually revoked without affecting your other keys. It also means that you can generate new keys and roll credentials over with 0 downtime.

Generating a Key

Once your public/private keypair are generated, please refer to your SFTP client software's documentation for usage.

Supported public key algorithms

ECDSA (384 bit or 521 bit)
RSA (minimum 1024 bit, recommended 2048 bit)
ED25519

Windows

These instructions assume you are using PuTTYgen.

Open PuTTYgen, and select "Generate":

PuTTYgen Generate Key

Follow the instructions it presents:
Afterwards, PuTTYgen will present you with your public key:

PuTTYgen key generated

Enter an optional passphrase if you'd like one (and your SFTP client supports it).
Save the private key, then select the output in PuTTYgen's window and save that as well. This is the public key you will enter into your Digital Onboarding settings tab:

PuTTYgen key complete

Converting SSH2 public key to OpenSSH format

From PuTTYgen, load your private key file, and copy the output in the window as in step 5 above.

Unix-like

From a terminal session:

$ ssh-keygen -t rsa -b 2048 -E sha512

ssh-keygen will prompt you for a location to store the public/private keypair, as well as an optional passphrase. Note that you can provide different values to the arguments to generate other types of public keys.

Converting SSH2 public key to OpenSSH format

From a terminal session:

$ ssh-keygen -i -f ssh2_public_key_file.pub > openssh.pub

This will output openssh.pub in the appropriate format for use in your settings.

Add your public key to Digital Onboarding settings

Once you have generated a key, copy its public key and enter it into the SFTP tab in your Digital Onboarding settings.

SSH Keys

The title of the key is purely for your own ability to keep track of keys so choose a name that is meaningful for your team and will help you keep track of which key the public key represents. The title will also be shown in audit logs to help you track when events occur with this key.

Connecting to the SFTP service

Once you have a key registered you can connect to the SFTP service at sftp.digitalonboarding.com on port 2222. Your username will be your team's subdomain. So, for example, if your team uses Digital Onboarding by going to https://mybank.digitalonboarding.com, your username will be mybank.

Testing

After connecting to our SFTP service, you should see two folders (contacts/ and templates/). If you'd like to test your ability to upload files, but aren't ready to add contacts to the system, you may upload a file to any directory (including the root directory) aside from these two folders.

When a file has been uploaded, our system will generate an email that is sent to your team's technical contact. In order to ensure proper delivery, you can work with our customer success team to add a technical contact to your team.

Uploading CSVs

Paths in the service mimic a RESTful API – they are actually the same paths you would use if you were to use our API.

Contacts

If you want the CSV you are uploading to be treated as if it were uploaded to the contacts' batch uploader in the admin interface you should upload it to the /contacts/ path. The actual filename is not significant and does not matter. See contacts documentation for more information on available fields.

Accounts

If you want the CSV you are uploading to be treated as if it were uploaded to the accounts' batch uploader in the admin interface you should upload it to the /accounts/ path. The actual filename is not significant and does not matter. See accounts documentation for more information on available fields.

Templates

If you want the CSV you are uploading to be treated as if it were uploaded to a specific template you would need to know its id. If, for example, your template's id were 6783a405-138a-497f-bf0b-d5ef53cae356 you would upload the file to the /templates/6783a405-138a-497f-bf0b-d5ef53cae356/ path. Again, the actual filename doesn't matter and is not significant.

It is important to note that as soon as uploads are processed they are deleted from Digital Onboarding and we do not retain copies of them. This means that files previously uploaded will not necessarily be visible the next time you connect to the SFTP service.

Our SFTP service runs on multiple servers behind a load balancer to ensure that it is stable across server faults and high loads. That means that you are not guaranteed to connect to the same server every time you connect and is part of why you should not expect artifacts from one session to be available in the next session.

Sending Digital Onboarding PGP Encrypted Data

Note that encryption is not required for file transfers, it is entirely optional. If you choose to sign the encrypted file with your public PGP key, you will need to upload it to the admin panel shown below:

PGP Keys

Please be sure your encrypted data file has an extension of either: .gpg, .pgp, or .asc, otherwise we will not be able to decrypt the data. Once we receive your data and decrypt it, you should see it imported in your team.

Use the Digital Onboarding public PGP key below to send us your encrypted data via SFTP.

Public Key

Objective Completion

For more information on objective completion, see completing objectives.