Preparing the MFT Service Account
Before you can use an MFT service with InterSystems IRIS, you must perform the following tasks:
The following subsections provide details.
Setting Up Accounts
For each MFT service you intend to use, you must create two types of accounts:
-
One main administrative account, which manages all users and all directories
-
Multiple subaccounts, as needed for the end users
An end user account is needed for each person (or organization) expected to send and receive files. These end users can access only the files in their own folders or in folders to which they have explicitly been granted access, either by the actual owner or by an administrator. Consult the documentation for the MFT service for instructions on how to create these subaccounts, and how to set and verify permissions.
When you create the main account, make a note of the root URL that is meant for use in transferring files (for this account). You will need this information later (to use as the Base URL for the connection to the account).
Also choose an administrator for the account and make a note of the email address of that person.
Creating a Custom Application
After creating accounts at the MFT service, you must create a custom application within the main account, for use by the InterSystems IRIS production. Within this custom application, specify the following details:
-
A unique name.
-
The redirect URL for the InterSystems IRIS server. This URL has the following form:
https://<baseURL>/prefix/csp/sys/oauth2/OAuth2.Response.cls
Where:
See Creating a Managed File Transfer Connection.
-
A pair of generated values (an OAuth 2.0 client ID/client secret pair), for use in authorizing the connection. The MFT services each use different names for these values:
MFT Service |
Name for the OAuth 2.0 client ID |
Name for the OAuth 2.0 client secret |
Box |
Client ID |
Client Secret |
Dropbox |
App key |
App secret |
kiteworks |
Client Application ID |
Client Secret Key |
Important:
When the transfer service generates this information, record it immediately and keep it in a secure location. The client secret, in particular, is meant to be held privately.
Setting Up the Directory Structure
You must also set up a directory structure so that each subaccount has a designated area for sending files and for receiving files.
InterSystems recommends using one parent “Incoming” and one parent “Outgoing” directory at the top level of the account, with individual incoming and outgoing subdirectories for the subaccounts within those directories. This organization makes it easier for the InterSystems IRIS production to locate all files that need to be transferred in either direction.
If you are already using an MFT service, then you may already be using a different directory structure. If so, and you do not wish to modify the directory structure, then you might need to add multiple MFT business services and operations to the production, each configured to find or place files in different directories.