Configure an Existing User as EBICS Client User

You can configure an existing Sterling B2B Integrator user as an EBICS Client user from the Profile Management menu.

Configure the following in Sterling B2B Integrator:
  • Create trading partner entities.
  • Create user accounts using the trading partner entities, define permissions and password policies.
  • Configure upload and download mailboxes for each user.

A user can be under either one partner or multiple partners. A user is always associated with a partner to enable exchange of EBICS messages. To configure an existing Sterling B2B Integrator user as an EBICS Client user, complete the following steps:

  1. Log in to Sterling B2B Integrator EBICS Client.
  2. From the Profile management menu, select User.
  3. In the User Configuration page, next to Configure existing user as EBICS user click GO.
  4. In the User Configuration page, specify the values for the fields according to the instructions in the following table and click Next:
    Field Description
    User ID Required. Unique ID of the user in the bank's system, which corresponds to the user created in the EBICS Client dashboard. From the User ID drop-down list, select the user ID.
    User type Required. From the User type drop-down list, select the role of the user. Valid values are EBICS client admin, EBICS client operator, and EBICS client user.
    Timezone Optional. Specify the time zone of the user.
    Technical user Optional. A technical user is a system configured to submit orders on behalf of a non-technical or human user. This option is valid if you selected EBICS Client User as the user type. Select this check box to configure a Technical user.
    Certificate type Required if you selected EBICS client user as the user type. Select X509 if you are using X.509 public key certificate to authorize the certificates. Select Keys if you are using RSA keys to authorize the certificates.
    Note: EBICS Client supports non-encrypted keys only.
    Important: It is mandatory to select X509 as the Certificate Type for H005 protocol version.
  5. If you selected X509 as the certificate type, specify the values for the fields according to the instructions in the following table in the Technical Information page and click Next:
    Field Description
    Authentication private certificate Required. Select the private key the EBICS Client uses to create a digital signature for the user in the request sent to the bank. The bank must have the public part of the key to validate the authorization. The drop-down contains a list of certificates configured in the Sterling B2B Integrator system certificate store.
    Authentication public certificate Required. Select the public key the user provides to the bank to validate the authorization of the user in the request from the EBICS Client. The trading partner or user shares the key with the bank. The key must be a public part of the Sterling B2B Integrator system certificate that is selected as the authentication private certificate.
    Authentication key version The key version of the authentication certificate is displayed. Valid value is X002.
    Encryption private certificate Required. Select the private key the EBICS Client uses to decrypt the response received from the EBICS Banking Server. The drop-down contains a list of certificates configured in the Sterling B2B Integrator system certificate store.
    Encryption public certificate Required. Select the public part of the Sterling B2B Integrator system certificate that is selected as the encryption private certificate. The trading partner or user shares the key with the bank.
    Encryption key version The key version of the encryption certificate is displayed. Valid value is E002.
    Use hardware key-store for Electronic signature Optional. Select this option if you have an activated 3S Key token.
    Hardware key type 3S Key is displayed as the Hardware key type. 3SKey is a SWIFT secure signature key used for digital identity. You must activate the 3SKey token and register the key with the bank to enable you to sign and send messages to the bank.
    Electronic signature private key Optional. Select the private key of the Electronic Signature (ES) certificate if you are not using a hardware key for Electronic Signature.
    Electronic signature public key Required. Select the public key of the Electronic Signature (ES) certificate that is used to verify the signature of order data. The public key value of an electronic signature certificate should not be the same as an authentication or encryption certificate.
    Electronic signature key version Required if you are not using a hardware key store for electronic signature. Select the key version of the electronic signature certificate. Valid values are A005 and A006.

    If you are using a hardware key store for electronic signature, then the key version is set to A005 and it cannot be changed.
  6. If you selected Keys as the certificate type, specify the values for the fields according to the instructions in the following table in the Technical Information page and click Next:
    Field Description
    Authentication private key Required. Click Browse to select the file with the private part of the authentication key from your computer.
    Authentication public key Required. Click Browse to select the file with the public part of the authentication key from your computer.
    Authentication key version Required. Select the key version of the authentication certificate. Valid value is X002.
    Encryption private key Required. Click Browse to select the file with the private part of the encryption key from your computer.
    Encryption public key Required. Click Browse to select the file with the public part of the encryption key from your computer.
    Encryption key version Required. Select the key version of the encryption certificate. Valid value is E002.
    Electronic signature private key Required. Click Browse to select the file with the private part of the Electronic signature key from your computer.
    Electronic signature public key Required. Click Browse to select the file with the public part of the Electronic signature key from your computer.
    Electronic signature key version Required. Select the key version of the Electronic signature certificate. Valid values are A005 and A006.
  7. In the Associated Partners page, perform any of the following actions and click Next.
    • Click the add icon to associate a new partner with user.
    • Click the update icon next to the partner you want to edit.
    • Click the delete icon to disassociate a partner from the user.
  8. This step is applicable only if you opted to add a new partner or edit an existing partner.
    The bank assigns a set of permissions, order types, and file formats to a user based on the offer.
    In the Associated partner: User settings page, specify the values for the fields according to the instructions in the following table, and click Add partner.
    Field Description
    Partner name Required. From the Partner name drop-down list, select the partner to which a user is associated. A user can be associated with many partners.
    Note: Use the Sterling B2B Integrator dashboard to create trading partner entities.
    Upload mailbox path

    Required. Configure the upload mailbox and assign users to operate the mailbox in Sterling B2B Integrator.

    Specify the mailbox path for the uploaded messages. You must assign a mailbox path to store the unpacked messages from an EBICS request.
    If the mailbox (User ID, Partner name, Inbox), already exists in Sterling B2B Integrator and if you leave this field blank, an error message asking you to specify the default mailbox path is displayed.
    Note: Ensure that the mailbox path starts with a forward slash (/).
    Download mailbox path

    Required. Configure the download mailbox and assign users to operate the mailbox in Sterling B2B Integrator.

    Specify the mailbox path for the downloaded messages. You must assign a mailbox path to store the messages that are packaged as part of an EBICS response.
    If the mailbox (User ID, Partner name, Outbox) already exists in Sterling B2B Integrator, and if you leave this field blank, an error message asking you to specify the default mailbox path is displayed.
    Note: Ensure that the mailbox path starts with a forward slash (/).
  9. This step is applicable if you selected to configure the user delegation settings for a Technical user. In the Associated Partners page, perform any of the following actions and click Next.
    • Click the add icon to associate a new partner with the Technical user.
    • Click the update icon next to the partner you want to edit.
    • Click the delete icon to disassociate a partner from the Technical user.
  10. This step is applicable if you are configuring user delegation settings for a Technical user. In the Associated partner: User settings page, specify the values for the fields according to the instructions in the following table, and click Add partner.
    Field Description
    Partner name Required. From the Partner name drop-down list, select the partner to which a user is associated. A user can be associated with many partners.
    Note: Use the Sterling B2B Integrator dashboard to create trading partner entities.
    Delegate of Required. Select the user who will be delegating their tasks to the technical user.
  11. In the Associated Partners page, click Next.
  12. In the Confirm page, verify the user configuration settings, and click Finish. You can also click the Show All link next to Associate Partners to view the list of partners associated with the user.