SFTP (alternate option)
Access & Authorization: Details on how to securely access our API integration
REST API integration is highly recommended over less preferred SFTP integration
SFTP Integration: SSH Key Authentication
Overview:
For SFTP-based integrations, our platform uses secure SSH key authentication, combined with specific username assignments and IP restrictions.
Step-by-Step Flow
-
User Onboarding:
- During onboarding, we assign each client a specific SFTP username.
- We generate an SSH key pair (public and private keys).
- The public SSH key is assigned to the SFTP username and stored on our server
- The private SSH key is encrypted using the client’s public PGP key and then securely shared with the client
- Clients provide their public PGP key
- We encrypt the private SSH key with the provided PGP key before sharing
-
IP Registration:
- We configure the SFTP server (sftp-ads.cardlytics.com) to only allow connections from a predefined set of allowed client IPs.
-
Authentication and Access:
- When the client connects, they use:
- SFTP Host sftp-ads.cardlytics.com
- Their assigned username.
- Their private SSH key.
- The SFTP server authenticates the connection using the client’s public key and checks if the connecting IP is allowed.\
sftp -i partner_private_ssh_key.pem [email protected] - When the client connects, they use:
-
Directory Access:
- Upon successful authentication, the client can access only their authorized account directories.
Updated 3 days ago
What’s Next