Enable file forwarding, encryption, and decryption

Important This content is part of a pilot release. If you haven't been contacted to be part of this pilot, refer to our standard content for Sage People Payflow

Use the Enable file forwarding and encryption form to configure automated routines that can:

  • Forward your Payflow download files to your third-party payroll provider

  • Encrypt files

  • Sign files

Your routine can perform any of these functions individually or in combination. File forwarding jobs run every 5 minutes. When a matching file is found in the source folder, it is encrypted/forwarded to the third-party server.

Note You can only configure one job per source folder. If you configure a second job for the folder, it will overwrite the first.

Before you begin to configure a job you must gather the following information from your third-party provider:

  • Server IP address or URL

  • Port number

  • Destination folder

  • Login method: password or SSH

  • The third party's public key, if encryption is required.

If you want to encrypt/sign files or use SSH authentication, you must import PGP/SSH keys before configuring the job.

Screenshot: enable file forwarding and encryption configuration form

Configure the fields as follows.

Field Description Examples
Source Virtual Folder

The folder that is monitored for the arrival of a new download file deposited by an outbound Payflow service.

The folder path must begin with a forward slash (/).

 /myfolder
File Pattern

The file pattern for the download files. The system will search the source folder and process matching files.

Use * as a wildcard.

*.csv

*.txt

payroll_*.csv
Destination IP/DNS

The server address of the network location to which processed files will be sent. Enter the server address without including the protocol prefix (sftp://) .

If the file is to be encrypted/signed but not forwarded, enter localhost.

server.mypayroll.net

198.51.100.10

localhost
Destination Port

Enter the port number for the destination server. Provided by the third-party provider.

If the file is to be encrypted and/or signed and not forwarded, enter 22.

 22
User

The username used to authenticate the connection at the destination server. Typically provided by the third-party provider.

If the file is to be encrypted and/or signed and not forwarded, enter your admin username.

payrolluser

your_admin_username

 
Password

Enter the password for your admin user. Password cannot contain either < or > symbols.

Important Enter the password with care. Entering an incorrect password in an automated job can cause your user account to be locked out. See Monitor job failed: Auth cancel error
  
Destination Path

The folder location into which files should be delivered at the receiving server. Typically provided by the third-party provider.

The folder path must begin with a forward slash (/).

If the file is to be encrypted and/or signed and not forwarded, specify the destination folder in the file transfer platform. Take care to enter the folder name correctly. If the folder does not already exist, it will be created when the job runs.

/destinationpath

/files/destinationpath
Login Method: Password

If using password authentication, enter the password to authenticate the connection at the destination server. Provided by the third-party provider.

If the file is to be encrypted and/or signed but not forwarded, enter the password for your admin user.

 mypassword
Login Method: SSH Key

If using an SSH key to authenticate the connection to the destination server, select the private SSH key to use.

The key must be generated or sourced by your organization, and the public part of the key pair must be provided to the third-party to enable them to receive the file. Import keys using the Import PGP/SSH keys form.

  
Do you want to use PGP keys?

Select the checkboxes for encryption/signing as appropriate. You can select both Encrypt and Sign as part of one routine. You cannot sign files without encrypting.

If you don't want the file to be encrypted or signed, select No Encryption or Signing.

  • No Encryption or Signing: select this option if you are forwarding the file with no encryption or signing.

  • Encrypt: uses your selected PGP key to encrypt the file.

  • Sign: uses your selected PGP key to sign the file. Only select this option if Encrypt is also selected.

  • Decrypt: select this option to decrypt received files, using the selected private PGP key.

Ensure you have uploaded the PGP keys for encryption/decryption/signing as appropriate. See Import PGP/SSH keys.

 -
PGP Key to Encrypt

Select the PGP key to be used for encryption/decryption, if encryption or decryption is selected.

Ensure you have uploaded the PGP keys using the Import PGP/SSH keys form.

 my_encryption_key.asc
PGP Key to Sign

Select the PGP key to be used for signing, if signing is selected.

Ensure you have uploaded the PGP keys using the Import PGP/SSH keys form.

 my_encryption_key.asc
Do you want to delete the original file?

Select whether you want the file to be removed immediately after the routine has completed. Files that have been forwarded are removed from the folder automatically after a period of time.

  • Yes: the file is removed immediately after processing (recommended).

  • No: the file remains in the folder after processing, and is removed automatically after a period of time.

If you select Yes:

  • For files that are encrypted and forwarded, both the original file and the encrypted/signed file are removed after the job has completed.

  • If you are encrypting/signing the file without forwarding, the original unencrypted file is removed but the newly encrypted/signed file remains in the destination folder.

 -