Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.box.com/llms.txt

Use this file to discover all available pages before exploring further.

This guide covers the differences between Box SFTP and Box FTPS, explains why you should migrate to Box SFTP, and provides step-by-step instructions for migrating from FTP or Box FTPS to Box SFTP across different software platforms. Throughout this guide, sftp_address means your Box SFTP server hostname. If you use Box Zones, see Choose the Correct SFTP Endpoint for Your Region to find your regional endpoint. Otherwise use sftp.services.box.com.

​
Why Box recommends Box SFTP

Box recommends Box SFTP as a more secure and better-performing option for file transfers. While both Box SFTP and Box FTPS are available for Business and Enterprise accounts, Box SFTP provides significant advantages that make it the better choice for most integrations.

​
Reasons to choose Box SFTP

For new integrations, choose Box SFTP. For existing Box FTPS integrations, consider migrating to take advantage of these benefits.

​
Faster download speeds

Box internal tests show Box SFTP delivers three times faster download performance compared to Box FTPS.
  • Better for high-volume file transfers and time-sensitive operations.
  • More efficient protocol reduces transfer time and costs.

​
Simpler network setup

  • Box SFTP: Uses a single port (22), which simplifies firewall configuration.
  • Box FTPS: Requires multiple ports (control port plus ports 10,000–29,999 for data).
  • Easier to configure, especially in cloud environments.
  • Fewer security policy exceptions needed.

​
Resumable downloads

  • Box SFTP supports resuming interrupted file transfers.
  • If a connection drops, you can continue where you left off.
  • Box FTPS does not support resumable transfers; you must restart from the beginning.
  • Critical for large files and unreliable network connections.

​
Better directory capacity

  • Box SFTP: Supports directories with up to 100,000 items.
  • Box FTPS: Limited to 20,000 items per directory (all actions blocked at this limit).
  • Essential for enterprise-scale integrations with large folder structures.

​
Better security and reliability

  • Box’s recommended secure option.
  • End-to-end encryption by default.
  • Better handling of network interruptions.
  • More reliable for large file transfers.

​
Granular access control

  • Box SFTP: Can be enabled for selected users or groups so only people who need access have it.
  • Box FTPS: Can only be enabled for the entire enterprise (all-or-nothing approach).
  • Better security through principle of least privilege.
  • Easier to manage and audit who has file transfer access.

​
Regional deployment and data residency

  • Box SFTP: Deployed in Box zones and available in multiple regions.
  • For customers with Box Zones, Box SFTP is available in four additional regions: Australia, Japan, and two Europe regions.
  • Better compliance: data processing happens in your region, meeting GDPR and local data protection requirements.
  • Better performance: shorter distance between server and client reduces latency and improves transfer speeds.
  • Box FTPS: Only available through a single global endpoint with no regional options.

​
Understanding the differences

​
Box SFTP vs Box FTPS

FeatureBox SFTPBox FTPS
Download Speed3x faster (Box tests)Baseline
Ports Required1 port (22)Multiple ports (10,000–29,999 range)
Resumable DownloadsYesNo
Directory Limit100,000 items20,000 items
Access ControlSelected users or groupsEnterprise-wide only
Regional DeploymentYes (four regions with Zones)No
Network SetupSimpleComplex
Box’s RecommendationRecommendedNot recommended

​
Key changes for Box SFTP

  • Port: Use port 22 (not 21).
  • Protocol: Select SFTP (not FTP or FTPS).
  • Authentication: Username and password (same as your Box account).
  • MFA: If enabled, you are prompted for a verification code after entering your password.
  • Server address (sftp_address): Use your Box SFTP hostname as described above. The default hostname is sftp.services.box.com when you are not using a regional endpoint.

​
Common use cases

Choose Box SFTP for:
  • High-volume file transfers
  • Cloud-to-cloud integrations
  • Large directory structures (over 20,000 items)
  • Unreliable network connections (benefits from resumable downloads)
  • Time-sensitive operations (faster download speeds)
  • Modern cloud environments
  • Regional compliance requirements (GDPR, data residency)
  • Global organizations needing regional performance optimization

​
Technical requirements for Box SFTP and Box FTPS

​
Both protocols

​
Box SFTP setup

  • Port: 22
  • Must be enabled in Box Admin Console: Integrations > Box SFTP Server
  • Can be enabled for selected users or groups for granular access control
  • Regional deployment available — for Box Zones customers, available in Australia, Japan, and two Europe regions

​
Box FTPS setup

  • Server: ftp.box.com
  • Ports: 990 (implicit) or 21 (explicit)
  • Data channel: Ports 10,000–29,999 must be open
  • Must be enabled in Box Admin Console: Enterprise Settings > Box Clients > Server
  • Can only be enabled for the entire enterprise (all users get access)

​
Migration guide

This section provides step-by-step instructions for migrating from FTP or Box FTPS to Box SFTP in different software platforms. If you are currently using Box FTPS or FTP, migrating to Box SFTP is straightforward:
  • Most modern clients support both protocols
  • You can run both in parallel during migration
  • Similar authentication (username and password)
  • File operations work the same way

​
Migrating with Beyond Compare

Beyond Compare is a powerful comparison and synchronization tool that supports SFTP connections.

​
Prerequisites

  • Beyond Compare version 4 or 5 (paid version)
  • Your Box account email and password
  • Box SFTP server address: your sftp_address

​
Connection steps

Create new profile
  1. Launch Beyond Compare.
  2. Click Beyond Compare > Profiles.
  3. Click New or +.
  4. Choose FTP Profile.
Configure SFTP connection
On the Login tab:
  • Protocol: Choose SFTP (SSH2)
  • Host: sftp_address
  • Port: 22
  • Username: Enter your Box account email
  • Password: Enter your Box password
Save profile
  1. Click Save As

  2. Enter a profile name (for example, “Box SFTP”).
  3. Click OK.
  4. The profile appears in your profiles list.
Open Folder Compare
  1. Launch Beyond Compare.
  2. Right-click Folder Compare from the Home View.
  3. Click Open.
  4. Select your Box SFTP profile on the left or right view.
Handle MFA (if enabled)
If MFA is enabled:
  1. Beyond Compare asks for the verification code.
  2. Enter the six-character alphanumeric code (without the space) into the verification code field when prompted.
  3. Click OK.

​
Beyond Compare tips

Ensure you are using the SFTP protocol, not FTP.
Session settings
  1. Go to Session > Session Settings.
  2. Configure comparison rules, filters, and sync options.
Save session
After configuring, save the session for future use:
  • Go to Session > Save Session.

​
Migrating with command-line tools

Command-line tools provide powerful scripting and automation capabilities for SFTP connections.

​
Available command-line tools

ToolProtocolBest For
sftpSFTPBuilt-in, basic file transfers
scpSFTPQuick single file or folder transfers
lftpFTP or SFTPAdvanced scripting and mirroring
rsyncVariousSynchronization (over SSH)

​
Handling MFA in command-line

If MFA is enabled, you are prompted:
  • Password: Enter your password.
  • Verification code: Enter the six-character alphanumeric code (without the space) when prompted by your SFTP client.
Important:
  • Some command-line tools may not support interactive MFA prompts.
  • For automated scripts, consider using accounts without MFA.
  • Ensure your client supports keyboard-interactive authentication.

​
Using sftp (built-in SFTP client)

The sftp command is available on Linux, macOS, and Windows (via OpenSSH).
Basic connection
sftp username@sftp_address
Replace username with your Box account email.
Interactive commands
Once connected, you can use these commands: 
# List remote directory
ls
# Change remote directory
cd /path/to/folder
# List local directory
lls
# Change local directory
lcd /local/path
# Upload file
put localfile.txt remotefile.txt
# Upload multiple files
put *.txt
# Download file
get remotefile.txt localfile.txt
# Download multiple files
get *.txt
# Download directory (recursive)
get -r /remote/folder
# Upload directory (recursive)
put -r /local/folder
# Create remote directory
mkdir newfolder
# Remove remote file
rm file.txt
# Remove remote directory
rmdir folder
# Show current remote directory
pwd
# Show current local directory
lpwd
# Exit
exit
Non-interactive usage (batch mode)
# Upload file using heredoc
sftp username@sftp_address << EOF
put localfile.txt remotefile.txt
exit
EOF
# Download file
sftp username@sftp_address << EOF
get remotefile.txt localfile.txt
exit
EOF
Verbose mode (debugging)
# Show detailed connection information
sftp -v username@sftp_address
# Extra verbose (debug level 2)
sftp -vv username@sftp_address

​
Using scp (secure copy)

scp is useful for quick file transfers without interactive sessions.
Upload file
scp localfile.txt username@sftp_address:/remote/path/
Download file
scp username@sftp_address:/remote/path/file.txt ./
Upload directory (recursive)
scp -r /local/folder username@sftp_address:/remote/path/
Download directory (recursive)
scp -r username@sftp_address:/remote/path/folder ./
SCP options
# Show progress
scp -v localfile.txt username@sftp_address:/path/
# Compress during transfer
scp -C localfile.txt username@sftp_address:/path/
# Limit bandwidth (in Kbit/s)
scp -l 1024 largefile.zip username@sftp_address:/path/

​
Using lftp (advanced FTP or SFTP client)

lftp is a sophisticated file transfer program with scripting capabilities.
Installation
Linux: 
sudo apt-get install lftp  # Debian/Ubuntu
sudo yum install lftp      # RHEL/CentOS
macOS: 
brew install lftp
Basic connection
lftp sftp://username@sftp_address
Interactive commands
# List files
ls
# Change directory
cd /path/to/folder
# Upload file
put localfile.txt
# Download file
get remotefile.txt
# Mirror directory (sync)
mirror -R /local/folder /remote/folder  # Upload
mirror /remote/folder /local/folder     # Download
# Parallel transfers (4 connections)
set mirror:parallel-transfer-count 4
mirror /remote/folder /local/folder
# Exit
quit
Script example
#!/bin/bash
lftp sftp://username@sftp_address << EOF
cd /remote/folder
put /local/file.txt
quit
EOF
Advanced features
Mirror with options: 
# Mirror with delete (sync exactly)
mirror --delete /remote/folder /local/folder
# Mirror only newer files
mirror --newer-than="2024-01-01" /remote/folder /local/folder
# Parallel downloads
mirror --parallel=4 /remote/folder /local/folder

​
General command-line reference

# Test Box SFTP connection
sftp username@sftp_address

# Test port connectivity
telnet sftp_address 22

# Check SFTP version
sftp -V

# Verbose connection (for debugging)
sftp -v username@sftp_address

​
Migrating with Cyberduck

Cyberduck is a free, open-source cloud storage browser for macOS and Windows with support for SFTP, FTP, WebDAV, and various cloud storage services.

​
Prerequisites

  • Cyberduck (free download from cyberduck.io)
  • Your Box account email and password
  • Box SFTP server address: your sftp_address

​
Connection steps

Launch Cyberduck
Open the Cyberduck application. The main browser window opens.
Open connection dialog
  1. Click Open Connection in the toolbar (or press Cmd+O or Ctrl+O).
  2. The connection dialog appears.
Configure SFTP connection
In the connection dialog:
  • Protocol: Select SFTP (SSH File Transfer Protocol) from the dropdown menu.
  • Server: sftp_address
  • Port: 22 (automatically filled when SFTP is selected)
  • Username: Enter your Box account email
  • Password: Enter your Box password
Optional settings
SSH Private Key: Leave as None (not currently supported by Box SFTP).
Connect
  1. Click Connect.
  2. On the first connection, you may see an Unknown Fingerprint warning:
    • This is the server’s host key.
    • Check the fingerprint (if provided by your administrator) or verify against Using Box with SFTP.
    • Check Always to trust this key permanently.
    • Click Allow to accept and continue.
Handle MFA (if enabled)
If Multi-Factor Authentication is enabled:
  1. After entering your password, Cyberduck prompts for additional authentication.
  2. A dialog requests a Verification code.
  3. Enter the six-character alphanumeric code (without the space) from your authenticator source.
  4. Click Continue or press Enter.

​
Creating a bookmark (saved connection)

To save your connection for quick access:
  1. After connecting, go to Bookmark > New Bookmark.
  2. Configure the bookmark settings:
    • Nickname: Enter “Box SFTP” (or your preferred name)
    • Protocol: SFTP
    • Server: sftp_address
    • Port: 22
    • Username: Your Box account email
    • Password: Enter your Box password
    • SSH Private Key: Leave as None (not currently supported by Box SFTP)
    • Path: Optional starting directory
  3. Click Close.

​
Accessing bookmarks

  • Bookmarks appear in the main window’s sidebar.
  • Double-click a bookmark to connect instantly.
  • Organize bookmarks as needed.

​
Cyberduck tips

Performance:
  • Multiple connections: Increase concurrent transfers for faster bulk operations.
  • Bandwidth throttling: Limit transfer speed in Preferences > Bandwidth.

​
Cyberduck CLI (duck)

Cyberduck also offers a command-line version called duck for scripting and automation. Installation: 
# macOS (Homebrew)
brew install duck
# Windows (Chocolatey)
choco install duck
Usage: 
# Upload file
duck --upload sftp://username@sftp_address/path/to/remote file.txt
# Download file
duck --download sftp://username@sftp_address/path/to/file.txt ./
# List directory
duck --list sftp://username@sftp_address/path/
# Synchronize directories
duck --synchronize sftp://username@sftp_address/remote/folder /local/folder

​
Common Cyberduck issues

“Unknown fingerprint” or “Host key verification failed”
  • This is normal on the first connection.
  • Verify the host key with Using Box with SFTP.
  • Click Allow and check Always to trust the server.
  • If it appears again unexpectedly, contact your administrator.
“Connection failed” or “Connection timeout” “Login failed” or “Authentication failed”
  • Verify the username (your Box email) and password.
  • Ensure SFTP is selected (not FTP).
  • If MFA is enabled, enter the six-character alphanumeric code (without the space) when prompted.
“Permission denied” during upload
  • Verify you have write permissions in Box.
  • Check whether the target folder exists.
  • Ensure you have sufficient storage quota.
Transfer is slow
  • Increase concurrent transfers in Preferences > Transfers.
  • Check your network connection speed.
  • Try transferring during off-peak hours.
MFA prompt not appearing
  • Ensure you are using the SFTP protocol (not FTP).
  • Update to the latest version of Cyberduck.
  • Some older versions may have issues with keyboard-interactive authentication.

​
Migrating with FileZilla

FileZilla is a free, open-source FTP client that supports SFTP connections.

​
Prerequisites

  • FileZilla Client (any recent version)
  • Your Box account email and password
  • Box SFTP server address: your sftp_address

​
Connection steps

Open Site Manager
  1. Launch FileZilla.
  2. Click File > Site Manager (or press Ctrl+S or Cmd+S).
Create new SFTP site
  1. Click New Site.
  2. Type a descriptive name (for example, “Box SFTP”).
Configure connection settings
On the General tab:
  • Protocol: Select SFTP - SSH File Transfer Protocol.
  • Host: sftp_address
  • Port: Enter 22
  • Logon Type: Normal
  • User: Enter your Box account email
  • Password: Enter your Box password (leave blank if you prefer to enter it each time)
Advanced settings (optional)
Click the Advanced tab:
  • Default remote directory: Leave empty or set to your preferred starting directory.
  • Default local directory: Set to your preferred local folder.
Save and connect
  1. Click OK.
  2. Click Connect.
Handle MFA (if enabled)
If Multi-Factor Authentication (MFA) is enabled:
  1. After entering your password, you see a prompt: Verification code.
  2. Enter the six-character alphanumeric code (without the space) from your authenticator source (SMS or email).
  3. Press Enter.
Verify connection
You should see your remote directory structure in the right panel. The status bar should show “Directory listing successful”.

​
FileZilla quick connect

For quick access without saving a site, use the Quick Connect bar at the top of FileZilla.
  1. Enter the following:
    • Host: sftp_address
    • Username: Your Box login
    • Password: Your Box password
    • Port: 22
  2. Click Quickconnect.

​
FileZilla tips

  • Transfer settings: Go to Edit > Settings > Transfers and adjust concurrent transfers. If your account uses MFA, set the number of simultaneous transfers to 1. Using multiple simultaneous transfers with MFA enabled can cause authentication failures.
  • Keep-alive: Enable keep-alive to prevent connection timeout during long transfers.
  • Transfer mode: Binary mode is used automatically for SFTP.

​
Common FileZilla issues

“Connection refused” or “Connection timeout”
  • Verify the server address (sftp_address) and port (22).
  • Check firewall settings.
“Authentication failed”
  • Verify the username and password are correct.
  • If MFA is enabled, ensure you enter the six-character alphanumeric code (without the space).
  • If MFA is enabled and you are transferring multiple files at the same time, reduce simultaneous transfers to 1. Go to Edit > Settings > Transfers and set maximum simultaneous transfers to 1. Transferring files in parallel while MFA is active can interrupt the login process and cause transfers to fail.
“Unknown host key” Verify the host key with Using Box with SFTP and check the Always trust this host, add this key to the cache checkbox, then click OK to accept the host key (first connection only).

​
Migrating with Qualtrics

Qualtrics ETL Workflows include two built-in SFTP tasks — Extract data from SFTP files (inbound) and Load data into SFTP (outbound) — that can connect to Box SFTP to automate the transfer of survey responses, contacts, employee data, and other ETL output on a schedule or event.

​
Prerequisites

  • A Qualtrics license with Workflows enabled
  • Brand Administrator access (to add an SFTP account brand-wide via Admin > Extensions), or individual-user access (to add a personal account from inside the SFTP task)
  • Box SFTP server address: your sftp_address
  • A Box account email and password:
    • Box SFTP supports only username and password authentication. The Qualtrics SSH Key and Encrypted SSH Key options do not work against Box SFTP and must not be selected.
    • The Box account used for the integration must not have Multi-Factor Authentication enabled. Qualtrics workflows run unattended and cannot supply a six-character verification code; use a dedicated service account without MFA, or work with your Box admin to use an account with MFA bypass policies.
    • SSO logins are not supported by Box SFTP. If the account uses SSO, set a Box-specific password under Account Settings > Account > Authentication and use that password in Qualtrics.
  • Box folder permissions appropriate for the Qualtrics task:
    • Load data into SFTP — read and write
    • Extract data from SFTP files — read, write, and delete (Qualtrics’ Test connection writes a small file, reads it, and deletes it)
  • Network: Allowlist the Qualtrics IP ranges on your egress firewall and confirm outbound TCP 22 to sftp_address is open. See Qualtrics documentation for Allowlist the Qualtrics IP Ranges for the current list.

​
Connection steps

Add an SFTP account
  1. Log in to Qualtrics.
  2. As a Brand Administrator: go to Admin > Extensions, click Extract data from SFTP files (or Load data into SFTP), then click Add Account. As an individual user: from inside an SFTP task in your workflow, click Add user account.
  3. Give the account a name (for example, “Box SFTP”).
Configure SFTP settings
  • Hostname: sftp_address
  • Port: 22
  • Authentication method: Password
  • Username: Enter your Box account email
  • Password: Enter your Box password
  • Click Connect Account.
Test the connection
  1. In the SFTP task, click Test connection.
  2. Qualtrics uploads a small file, reads it, and deletes it. The test must succeed before saving the workflow.
Handle MFA (if enabled)
Box SFTP issues an additional keyboard-interactive verification-code prompt when MFA is on. Qualtrics’ Password method does not respond to that prompt inside a scheduled workflow, so the test or run fails with an authentication error. Either disable MFA on the integration account or use a dedicated service account without MFA.

​
Qualtrics-specific considerations

File transfer patterns
Outbound (Qualtrics to Box) — Load data into SFTP:
  • Pair with an upstream extractor (for example, Extract responses from a survey) in the same ETL workflow.
  • The output file goes to the directory you specify on the Box account’s home directory; relative and absolute paths are both accepted.
  • Single-run upload size is capped by Qualtrics’ Load task limit; Box SFTP itself accepts up to 32 GB per file.
Inbound (Box to Qualtrics) — Extract data from SFTP files:
  • Set a File name pattern (prefix or RE2 regex) and a case-sensitive Pickup directory.
  • Supported file types: CSV, TSV, JSON, Excel (.xlsx ≀ 1 GB, .xls ≀ 5 MB).
  • Files must be UTF-8 (not “Unicode UTF-8”) with a header row. Use straight quotation marks; backslash-escaped quotes are not valid in CSV.
  • Per Qualtrics’ current documentation: 200 files per run, with per-file and per-run total size caps that Qualtrics may revise over time — verify the current values in Qualtrics’ Extract data from SFTP files documentation for your tier.
  • Post-processing: Qualtrics can delete the file, move it to another directory, or leave it in place after a successful run.
Error handling
  • Configure workflow notifications or alerts on failure (Workflows > Alerts).
  • Use Skip bad files or Skip malformed rows so a single bad file does not fail the entire run.
  • Review the workflow’s Run history for per-file status.
Security considerations
  • Use a dedicated Box service account scoped only to the folders Qualtrics needs.
  • Avoid special characters in the Box password — Qualtrics’ SFTP troubleshooting documentation lists this as a common cause of intermittent authentication failures.
  • Rotate the Box password on a schedule and update the saved Qualtrics SFTP account when you do.
  • Box SFTP files in the pickup directory may be read multiple times during a run; do not configure Box-side automation that deletes or moves files on first touch.

​
Qualtrics troubleshooting

Authentication failed
  • Confirm Password is selected (not SSH Key or Encrypted SSH Key). Re-enter the Box email and password. Remove special characters from the password if present. Verify the account has no MFA and is not SSO-only without a Box-specific password.
Test connection succeeds but the run fails on extract
  • Confirm the account has delete permission on the Pickup directory in Box (the Extract task deletes processed files by default). Verify the directory path matches the case exactly.
Connection refused or timeout
  • Allowlist Qualtrics’ IP ranges on your egress firewall, verify outbound TCP 22 to sftp_address, and confirm Box SFTP is enabled in your Box Admin Console under Integrations > Box SFTP Server for the user or group the integration account belongs to.
“Cannot initialize SFTP protocol”
  • Ensure the saved hostname is sftp_address (not ftp.box.com) and port 22. Box FTPS endpoints do not accept Qualtrics SFTP connections.

​
Migrating with WinSCP

WinSCP is a free SFTP and FTP client for Windows with a focus on secure file transfers.

​
Prerequisites

  • WinSCP (free download from winscp.net)
  • Your Box account email and password
  • Box SFTP server address: your sftp_address

​
Connection steps

Launch WinSCP
  1. Open the WinSCP application.
  2. The Login dialog appears automatically.
Configure new session
In the Login dialog:
  • File protocol: Select SFTP.
  • Host name: sftp_address
  • Port number: 22
  • User name: Enter your Box account email
  • Password: Enter your Box password (or leave blank to be prompted)
Advanced settings (optional)
Click the Advanced button to configure additional settings. Environment tab:
  • SFTP server: Leave default (automatic detection)
  • SCP or Shell: Not needed for SFTP
Connection tab:
  • Server response timeout: 30 seconds (default)
  • Keep-alives: 30 seconds (to prevent connection timeout)
Save session (optional)
  1. Click Save.
  2. Enter a session name (for example, “Box SFTP”).
  3. Consider saving passwords only on trusted computers.
Connect
  1. Click Login to establish the connection.
  2. If prompted about the host key, verify the host key with Using Box with SFTP and accept.
  3. Click Yes to accept (first connection only).
Handle MFA (if enabled)
If Multi-Factor Authentication is enabled:
  1. After entering your password, you see an additional keyboard-interactive authentication prompt.
  2. Enter the six-character alphanumeric code (without the space) from your authenticator source (SMS or email).
  3. Click OK.
Verify connection
  • You should see your local files on the left panel.
  • Box SFTP remote files on the right panel.
  • The status bar at the bottom should show “Connected”.

​
WinSCP interface options

To change the interface: Click Options > Preferences > Environment > Interface. WinSCP offers three interface styles:
  • Commander (default): Dual-pane interface (local | remote)
  • Explorer: Single-pane interface like Windows Explorer
  • Custom: Customize the layout to your preference

​
WinSCP tips

  • Custom commands: Create custom commands in Extensions > Custom Commands
  • Generate script: Use Session > Generate Session URL or Code to create automation scripts
  • Synchronized browsing: Enable to navigate local and remote directories together

​
Common WinSCP issues

“Connection has been unexpectedly closed”
  • Check firewall settings and verify the server address.
  • Try increasing the timeout in Advanced settings.
“Authentication failed”
  • Verify credentials are correct.
  • Ensure you are using the SFTP protocol (not FTP).
“Cannot initialize SFTP protocol”
  • Ensure port 22 is not blocked.
  • Verify SFTP is selected as the protocol.

​
Migrating with Workday

Workday integrations can use Box SFTP for automated file transfers.

​
Prerequisites

  • Workday administrator access
  • Box SFTP server address: your sftp_address
  • Box account email and password
  • Understanding of Workday integration setup

​
Connection steps

Access Integration System
  1. Log in to Workday as an administrator.
  2. Navigate to Integrations > Integration System.
Create new SFTP integration
  1. Click Create Integration System.
  2. Enter a name (for example, “Box SFTP Integration”).
Configure SFTP settings
Connection details:
  • Protocol: Select SFTP (not FTP)
  • Host: sftp_address
  • Port: 22
  • Username: Enter your Box account email
  • Password: Enter your Box password
Advanced settings:
  • Connection Timeout: 30 seconds (default)
  • Retry Attempts: 3 (default)
  • Transfer Mode: Binary (recommended)
Configure authentication
  1. Authentication method: Username and password
  2. If MFA is enabled:
    • Workday may need to be configured to handle keyboard-interactive authentication
    • Contact your Box administrator for MFA setup guidance
    • Consider using accounts without MFA for automated integrations
Test connection
  1. Use Workday’s Test Connection feature.
  2. Verify the connection is successful.
  3. Check for any error messages.
Configure file paths
  1. Set up remote directory paths for file transfers.
  2. Verify file naming conventions.
  3. Configure file encoding (UTF-8 recommended).

​
Workday-specific considerations

File transfer patterns
Outbound (Workday to Box):
  • Ensure file naming conventions are maintained.
  • Verify file encoding (UTF-8 recommended).
  • Check file size limits (max 32 GB).
Inbound (Box to Workday):
  • Verify file format compatibility.
  • Check parsing logic for file structure.
  • Ensure error handling is configured.
Error handling
  1. Configure error notifications.
  2. Set up retry logic.
  3. Monitor integration logs.
  4. Set up alerts for failed transfers.
Security considerations
  • Use accounts with minimal permissions.
  • Rotate passwords regularly.
  • Enable audit logging.
  • Consider IP allowlisting if supported.

​
Workday troubleshooting

Connection timeout
  • Check firewall rules and verify the server address (sftp_address) and port.
Authentication failed
  • Verify the username and password and check for MFA requirements.
Files not transferring
  • Check file permissions, verify paths, and review integration logs.
MFA not supported
  • Use an account without MFA, or contact Box support for alternative authentication options.

​
Best practices

​
Security

​
Use strong passwords

  • Minimum 12 characters
  • Mix of letters, numbers, and symbols
  • Do not reuse passwords

​
Enable MFA

Where interactive use allows, enable MFA for human accounts (use dedicated non-MFA service accounts only where automation requires it).

​
Connection security

  • Always verify the host key on the first connection (see Using Box with SFTP).
  • Do not ignore host key warnings after the initial connection.
  • Keep SFTP client software updated.

​
Credential management

  • Use password managers for credentials.
  • Do not store passwords in plain text scripts.

​
Connection management

Close unused connections
  • Close connections when not in use.
  • Avoid keeping multiple connections open unnecessarily.
  • Box limits 40 concurrent connections per user.
Enable keep-alive
  • Prevents connection timeout during long operations.
  • Recommended for large file transfers.
Use connection pooling
  • For automated transfers, reuse connections when possible.
  • Reduces authentication overhead.

​
Testing

​
Test before production

  • Test the connection manually before automating.
  • Verify file transfers work correctly.
  • Test with small files first.

​
Monitor connections

  • Review connection logs regularly.
  • Set up alerts for failed connections.
  • Monitor transfer success rates.

​
Migration checklist

Use this checklist to ensure a smooth migration.

​
Pre-migration

  • Identify all FTP or Box FTPS connections.
  • Document current FTP or Box FTPS configurations.
  • Obtain your Box SFTP server address (sftp_address) and credentials.
  • Verify network connectivity to the Box SFTP server (port 22).
  • Test the Box SFTP connection manually.
  • Review security requirements (MFA, passwords, and so on).

​
Migration

  • Update FileZilla sites (if applicable).
  • Update Cyberduck bookmarks.
  • Update Beyond Compare profiles (if applicable).
  • Update command-line scripts (if applicable).
  • Update Workday integrations (if applicable).
  • Test all connections.
  • Verify file transfers work correctly.
  • Test MFA (if enabled).

​
Post-migration

  • Monitor connections for 24–48 hours.
  • Verify all scheduled transfers are working.
  • Update documentation.
  • Train users on new procedures.
  • Disable old FTP or Box FTPS connections after a verification period.
  • Archive old FTP or Box FTPS configurations.

​
General troubleshooting for all clients

​
Common connection issues

​
”Connection refused”

Possible causes:
  • Wrong port number (should be 22, not 21)
  • Firewall blocking port 22
  • Incorrect server address
Solutions:
  • Verify the port is 22.
  • Check firewall settings.
  • Confirm the server address is your sftp_address.
  • Test connectivity (for example, telnet sftp_address 22).

​
”Authentication failed”

Possible causes:
  • Incorrect username or password
  • MFA required but not provided
  • Account locked or disabled
  • Wrong protocol (FTP instead of SFTP)
Solutions:
  • Verify the username (your Box account email).
  • Check the password (case-sensitive).
  • If MFA is enabled, ensure you enter the verification code.
  • Contact your administrator if the account is locked.
  • Ensure the SFTP protocol is selected (not FTP).

​
”Host key verification failed”

Possible causes:
  • First connection to server
  • Server host key changed
Solutions:
  • Verify the host key with Using Box with SFTP and accept (first connection only).
  • If the key changed unexpectedly, contact your administrator.

​
”Connection timeout”

Possible causes:
  • Network issues
  • Firewall blocking connection
  • Server unavailable
  • Proxy configuration issues
Solutions:
  • Check network connectivity.
  • Verify firewall rules.
  • Test with ping to your sftp_address if ICMP is permitted.
  • Check proxy settings if applicable.
  • Contact your administrator to verify server status.

​
MFA issues

​
MFA prompt not appearing

Possible causes:
  • Client does not support keyboard-interactive authentication
  • MFA not enabled for your account
  • Wrong protocol
Solutions:
  • Use a client that supports keyboard-interactive authentication.
  • Verify MFA is enabled in your Box account.
  • Ensure the SFTP protocol is selected.
  • Contact your administrator for MFA setup.

​
MFA verification code not working

Possible causes:
  • Expired verification code (time-based codes expire quickly)
  • Wrong authenticator source (SMS or email)
  • Clock synchronization issues
  • Entering the code in the wrong field
  • Passing a whitespace character in the verification code
Solutions:
  • Enter the verification code immediately after generation.
  • Verify you are using the correct authenticator source (SMS or email).
  • Ensure the device clock is synchronized with internet time.
  • Enter the code in the Verification code: prompt (not the password field).
  • Pass the verification code without whitespace.

​
File transfer issues

​
Files not uploading

Possible causes:
  • Insufficient permissions
  • Box storage exceeded
  • File path does not exist
  • File name contains invalid characters
  • File size is too large
Solutions:
  • Verify you have write permissions in the folder.
  • Check available storage space in Box.
  • Ensure the target directory exists.
  • Avoid special characters in file names.
  • Ensure the file does not exceed 32 GB.

​
Files not downloading

Possible causes:
  • File does not exist
  • Insufficient permissions
  • Network interruption
  • Local disk full
Solutions:
  • Verify the file exists and the path is correct.
  • Check read permissions in the folder.
  • Ensure the local disk has enough space.
  • Retry the transfer.

​
Transfer speed issues

Possible causes:
  • Network congestion
  • Large file sizes
  • Encryption overhead
  • Geographic distance from server
Solutions:
  • Check network connection speed.
  • Consider transferring during off-peak hours.
  • Use compression for text files.
  • Enable parallel transfers if supported.

​
Performance tips

  • Binary mode: Always enabled for SFTP (automatic).
  • Compression: Use compression for text files (scp -C).
  • Parallel transfers: Use clients that support multiple concurrent transfers.
  • Resume capability: Box SFTP supports resuming interrupted downloads.
  • Keep-alive: Enable keep-alive to prevent connection timeout.

​
Glossary

  • FTP: File Transfer Protocol (unencrypted)
  • FTPS: File Transfer Protocol Secure (encrypted)
  • Box FTPS: Box service that exposes FTP over SSL or TLS (encrypted)
  • Box SFTP: Box service that exposes SSH File Transfer Protocol (encrypted)
  • MFA: Multi-Factor Authentication
  • SSH: Secure Shell
  • Host key: Server’s cryptographic identity
  • Keyboard-interactive: Authentication method that supports prompts