It is possible to upload invoices to an SFTP server and have them picked up from there automatically. It provides secure file system upload over a secure channel. Tradeshift provides a free account to a server where you can upload your invoices in a variety of formats.
See currently supported formats on our integration page.
SFTP stands for ‘SSH File Transfer Protocol’, it is not related to FTP except that it also transfers files and has a similar command set for users. If you are not familiar with SFTP it is recommended to find out more about it before continuing reading this page. There is plenty of information about SFTP available on the web.
In order to use this integration method you have to have an accounting or ERP software which is able to send documents over SFTP or an SFTP client (there are plenty of free SFTP clients available). You have also to activate the ‘SFTP Uploader‘ app from the Tradeshift apps.
To integrate your ERP, accounting system or SFTP client with Tradeshift, please, follow the following steps:
It is possible to enable more formats for dispatch result messages. When a file was dispatched, you can find a dispatch result file (an XML file which has the same name as the original file followed by ‘.dispatch.xml’) in the ‘/sent’ or ‘/dispatchfailed’ directory. This is the default Tradeshift dispatch result file. More result formats can be enabled in the ‘Advanced’ tab of the SFTP app. Currently we support only ‘CONTRL’ which is EDIFACT format control message, but more formats will follow.
(S)FTP(S) usernames became Base64 encoded in order to reduce their length from 32 to 22 characters. For example, if your previous username looked like this: 877308069fd74fed822f3c8afd5e3579, it will become similar to h3MIBp/XT+2CLzyK/V41eQ. All characters like ‘/’, ‘+’ are valid. We still support 32 characters long usernames, so there is no need of changing your existing configuration.
OpenSSH provides end-to-end encrypted channel to facilitate files exchange. It’s a more secure replacement of applications such as telnet, rlogin, and ftp. Unlike these legacy applications, OpenSSH never passes anything (including username and password) over the wire in unencrypted form, and provides host authentication, to verify that you really are talking to the system that you think you are and that no one else can take over that session. OpenSSH is a suite of tools to help secure your network connections.
It provides a strong authentication and closes several security holes (e.g., IP, routing and DNS spoofing). It has improved privacy and all communications are automatically and transparently encrypted.
OpenSSH is available from openssh.org.
Directory used to put files to be processed by Tradeshift. Read more about supported document formats. Uploaded files MUST have unique names.
First semaphore mechanism: Using .ok notation
Second semaphore mechanism: Using .tmp notation
Third semaphore mechanism: Using .filename notation
This server supports attachments to documents. Attachments are files which are attached to the target document. Attachments can be send only together with the original document. It is not possible to add attachments to already uploaded document.
Attachments file names MUST be unique for the target document.
Attachments are attached to the target document with their original file names (e.g. receipt.pdf). Attachments are REMOVED from the server after the document is processed, no matter successfully or not.
Stores successfully dispatched files. Besides, there will be dispatch results file available for each sent document. The dispatch results file has the same name as the original file, but has ‘.dispatch.xml’ appended. More dispatch result formats can be enabled in the ‘Advanced’ tab of the SFTP.
Stores files which didn’t pass the validation. Besides, there will be validation results file available for each failed validation file. It has the same name as the original file but ‘.failed.xml’ appended.
Stores files which pass the validation, but couldn’t be dispatched. Besides, there will be dispatch results file available for each failed validation file. It has the same name as the original file but ‘.dispatchfailed.xml’ appended. Dispatch might fail because of invalid e-mail address in the document.
Optional directory. You have to activate Dynamic Validations app to have it enabled. It stores definitions of dynamic validation. The dynamic validation definitions are XML files defining fields of documents which should be validated against list of possible values that are dynamically uploaded to the dynamicvalidationchanges directory. The validations may define the sender and the receiver of the document for which the field must be validated. It is particularly valuable for an enterprise which has branches (see Branch Management) app: the different validations can be be defined for each branch by setting the branch as the receiver.All files must have the following mandatory fields:
Optionally, the SenderId could be defined. In this case the validation is applied only to documents sent by this particular sender.
NOTE: the file name must exactly match to the Id of the validation definition appended by “.xml” string.
Only one validation definition per file is allowed.
Following the SFTP’s server “.ok file” strategy, the file will be uploaded only after an empty file with the same name appended with “.ok” is uploaded to the directory.
“, “Tradeshift”); ?>
Optional directory. You have to activate Van access app to have it enabled. The directory is used by the external value added networks (VAN) to send documents on behalf of their customers. VAN’s customers don’t have to be registered in Tradeshift. Tradeshift issues a unique ID to each VAN. Contact Tradeshift to request the ID.The VAN ID will appear as a sub-directory of the “/network” directory. This sub-directory works as the “/outbox” directory for the regular users, i.e. documents put into this sub-directory are dispatched. For example, a VAN witch ID is “van01” will have it’s outbox directory in the following location:/network/van01 NOTE: you can’t put files into the “/network” directory.
You can use PuTTY to generate SSH keys. PuTTY is a number of programs that work with unix-like servers. You can download PuTTY from putty.org.
You will need puttygen.exe to generate keys.
Run puttygen.exe. You will see a GUI similar to the one shown below
Select ‘SSH-2 RSA’ type, 1024 number of bits in a generated key and press the ‘Generate’ button. Then move your mouse around the blank area to generate some randomness for the key
The keys will now be generated. You will now need the OpenSSH public key for pasting into the ‘SFTP upload’ app which you can copy from the ‘key’ area. Copy and paste into the ‘Public key’ of the app
Please leave the ‘key passphrase’ field empty and move on to the next step.”, “Tradeshift”); ?>
Save public key by pressing ‘Save public key’ button, input file name ‘sftp_rsa_pub.ppk’. Save private key by pressing ‘Save private key’ button, input file name ‘sftp_rsa.ppk’. You will use the files later when connecting to the SFTP server with an SFTP client
Run ssh-keygen to create the public/private key pair:
local-host$ ssh-keygen -t rsa
This will prompt you for a secret passphrase. Please leave the passphrase field empty and press Enter. If this works right you will get two files called id_rsa and id_rsa.pub in your .ssh directory. You will use them later when connecting to the SFTP server with an SFTP client.
After the signaling that the upload is complete using one of the semaphore mechanisms, the file is converted, validated, digitally signed (optional) and dispatched to the recipient. All this is done asynchronously and take some time. Usually, it takes less than 1 minute, but in case when digital signing is involved or there is a heavy load of the server the dispatching may take more time. So, give the system 5-10 minutes before escalating dispatching issue to a problem. When the file has been dispatched successfully it is moved to the ‘/sent’ directory. Together with this file there will be a dispatch log file in XML format which has the same name as the original file followed by ‘.dispatch.xml’. This is the default Tradeshift dispatch result format. More result formats can be enabled in the ‘Advanced’ tab of the SFTP/FTP/FTPS app. Currently we support only ‘CONTRL’ which is EDIFACT format control message, but more formats will follow. If the dispatch has failed for some reason, the file is moved to the ‘/dispatchfailed’ directory. The dispatch result files can be found in this directory too.
After the key was generated and successfully saved by the ‘SFTP Upload’ app, it would be a good idea to test the connection to SFTP server. For the test purposes you can use WinSCP – a free simple SSH client. You can download it from the WinSCP website. Install WinSCP and follow the following steps:
Fill in ‘Host name’, ‘Port number’ and ‘User name’ fields with the values provided in ‘SFTP Upload’ app. Select private key file ‘sftp_rsa.ppk’ you saved when generating the key. Set the file protocol to SFTP. Leave ‘Password’ field empty, SFTP doesn’t use passwords
If login was successful you will see a commander-style window with list of SFTP server’s directories on one of the sides