SFTP hosts
Adobe Experience Platform allows you to deliver tag library builds to a secured SFTP server that you host, giving you greater control over how your builds are stored and managed. This guide covers how to set up an SFTP host for a tag property in the Experience Platform UI or Data Collection UI.
Set up an access key for your server access-key
Platform connects to your SFTP site using an encrypted key. There are a few steps to set this up correctly:
Create a public/private key pair
You must have a public/private key pair installed on your SFTP server. You can generate these keys on your server or generate them somewhere else and install them on your server. See the GitHub documentation regarding how to generate SSH keys for more information.
Encrypt your keys
The private key is used to encrypt the public key. You will need to provide your private key during the SFTP host creation process. See the section on encrypting values in the Reactor API guide for instructions on encrypting public keys. Use the Production Environment’s GPG key unless you know you need a specific one. Finally, you can encrypt your private key from any machine, so you do not need to install GPG on your server to complete this step.
Allowlist Platform IP addresses
You may need to approve a set of IP addresses to be used within your company firewall to allow Platform to reach your SFTP server and connect to it. These IP Addresses are:
184.72.239.68
23.20.85.113
54.226.193.184
For more detailed information, refer to the following Medium article on how to set up SFTP servers to deliver a build.
Create an SFTP host create
Select Hosts in the left navigation, followed by Add Host.
The host creation dialog appears. Provide a name for the host, and under Type, select SFTP.
Configure the SFTP host configure
The dialog expands to include additional configuration options for the SFTP host. These are explained below.
The port must be one of the following:
21
22
201
200
2002
2018
2022
2200
2222
2333
2939
443
4343
80
8080
8888
As a security best practice, Adobe limits the number of ports that can be used for outgoing traffic. The selected ports are commonly allowed through corporate firewalls and include some ranges for flexibility.
Select Save to create the host with the selected configuration.
When you select Save, the connection and ability to deliver the files to your SFTP server is tested. Platform creates a folder, writes a file within that folder, checks to make sure the file is there, and then cleans up after itself. If the user account on your SFTP server (the one attached to the secure certificate you provided to Platform) does not have the necessary permissions to perform this action, then the host goes into a “Failed” status.
Next steps
This guide covered how to set up a self-hosted SFTP server for use in tags. Once the host has been established, you can associate it with one or more of your environments for publishing tag libraries. For more information on the high-level process of activating tag functionalities on your web or mobile properties, see the publishing overview.