Configure an FTP poller


The FTP Poller enables you to query and retrieve files to be processed by polling a remote file server. When the files are retrieved, they can be passed into the API Gateway core message pipeline for processing. For example, you can use the FTP Poller in cases where an external application drops files on to a remote file server, which can then be validated, modified, and potentially routed on over HTTP or JMS by the API Gateway.

This kind of protocol mediation can be useful when integrating with Business-to-Business (B2B) partner destinations or with legacy systems. For example, instead of making drastic changes to either system, the API Gateway can download the files from the remote file server, and then route them on over HTTP to another back-end system. The added benefit is that messages are exposed to the full compliment of message processing filters available in the API Gateway. This ensures that only properly validated messages are routed on to the target system.

The FTP Poller supports the following file transfer protocols:

  • FTP: File Transfer Protocol

  • FTPS: FTP over Secure Sockets Layer (SSL)

  • SFTP: Secure Shell (SSH) File Transfer Protocol

To add a new FTP Poller, in the Policy Studio tree, under the Listeners node, right-click the instance name (for example, API Gateway), and select FTP Poller > Add. This topic describes how to configure the fields on the FTP Poller Settings dialog.

[Tip] Tip

For details on how to configure the API Gateway to act as a file transfer service that listens on a port for remote clients, see Configure a file transfer service.

General settings

This filter includes the following general settings:


Enter a descriptive name for this FTP Poller.


Select whether this FTP Poller is enabled. This is selected by default.


Enter the host name of the file transfer server to connect to.


Enter the port on which to connect to the file transfer server. Defaults to 20.

User name:

Enter the user name to connect to the file transfer server.


Specify the password for this user.

Scan details

The fields configured in the Scan details section determine when to scan, where to scan, and what files to scan:

Poll every (ms):

Specifies how often in milliseconds the API Gateway scans the specified directory for new files. Defaults to 60000. To optimize performance, it is good practice to poll often to prevent the number of files from building up.

Look in directory:

Enter the full path of the directory to scan for new files.

For files that match the pattern:

Specifies to scan only for files based on a pattern in a regular expression. For example, if you wish to scan only for files with a particular file extension (for example, .xml), enter an appropriate regular expression. Defaults to the following expression:


Process file with following policy:

Click the browse button to select the policy to process each file with. For example, this policy may perform tasks such as validation, threat detection, content filtering, or routing over HTTP or JMS.

Delete file when complete:

Select whether to delete each processed file when complete. This is selected by default.

Establish new session for each file found:

Select whether to establish a new file transfer session for each file found. This is selected by default.

Limit the number of files to be processed:

Select this option to limit the number of files that the FTP poller will process on each poll of the FTP server. This option is not selected by default.

Specify the max number of files to be processed:

Enter the maximum number of files to be processed on each poll of the FTP server. The default is 100.

Connection type

The fields configured in the Connection Type section determine the type of file transfer connection. Select the connection type from the drop-down list:

  • FTP - File Transfer Protocol

  • FTPS - FTP over SSL

  • SFTP - SSH File Transfer Protocol

FTP and FTPS connections

The following general settings apply to FTP and FTPS connections:

Passive transfer mode:

Select this option to prevent problems caused by opening outgoing ports in the firewall relative to the file transfer server (for example, when using active FTP connections). This is selected by default.

File Type:

Select ASCII mode for sending text-based data or Binary mode for sending binary data over the connection. Defaults to ASCII mode.

FTPS connections

The following security settings apply to FTPS connections only:

SSL Protocol:

Enter the SSL protocol used (for example, SSL or TLS). Defaults to SSL.


When this option is selected, security is automatically enabled as soon as the FTP Poller client makes a connection to the remote file transfer service. No clear text is passed between the client and server at any time. In this case, the client defines a specific port for the remote file transfer service to use for secure connections (990). This option is not selected by default.


When this option is selected, the remote file transfer service must explicitly request security from the FTP Poller client, and negotiate the required security. If the file transfer service does not request security, the client can allow the file transfer service to continue insecure or refuse and/or limit the connection. This option is selected by default.

Trusted Certificates:

To connect to a remote file server over SSL, you must trust that server's SSL certificate. When you have imported this certificate into the Certificate Store, you can select it on the Trusted Certificates tab.

Client Certificates:

If the remote file server requires the FTP Poller client to present an SSL certificate to it during the SSL handshake for mutual authentication, you must select this certificate from the list on the Client Certificates tab. This certificate must have a private key associated with it that is also stored in the Certificate Store.

SFTP connections

The following security settings apply to SFTP connections only:

Present following key for authentication:

Click the button on the right, and select a previously configured key to be used for authentication from the tree. To add a key, right-click the Key Pairs node, and select Add. Alternatively, you can import key pairs under the Certificates and Keys node in the Policy Studio tree. For more details, see Manage certificates and keys.

SFTP host must present key with the following finger print:

Enter the fingerprint of the public key that the SFTP host must present (for example, 43:51:43:a1:b5:fc:8b:b7:0a:3a:a9:b1:0f:66:73:a8).