In the Campaign Control Panel, you can interact with all SFTP servers that are connected to Campaign instances that you have access to. Most instances have connected SFTP servers (in some cases, development and stage instances may not be connected to any SFTP servers).

Access to SFTP servers is made using a SFTP client software, which you can find and download online. In order to connect to a server, either through such client application or an API, you must set up public SSH key and whitelist the IP address that connects to your SFTP server.

The Control panel lets you perform the actions below to manage your SFTP servers:

  • Monitor their storage capacity,
  • Manage IP addresses whitelisting: add or delete IP addresses ranges for one or several servers,
  • Manage public SSH keys to access your severs.

Detailed information on each of these actions is available in the sections below.

For more information on the Control Panel itself, refer to the dedicated documentation.

SFTP storage management

You may have different storage capacity provisioned on your SFTP server, depending on your contractual terms.

It is essential that you regularly monitor available space for each of your SFTP servers. Otherwise, you may not be able to save any additional files on the server anymore, or to successfully execute workflows that rely on the updates from this server.

The Top utilized SFTP disk capacity section in the header includes the top three most utilized servers attached to the instances that you have Admin access to. This information is available in every tab of the SFTP card. 


Information about the space used by all instances you have access to is available in the  Storage tab of the SFTP card. It is updated on each page refresh.



For each instace, a visual alert lets you know when its storage surpasses its capacity:

  • Orange: the instance surpassed 80% of its capacity.
  • Red: the instance surpasses 90% of its capacity.

Additional tips are also available to help you know how to proceed as your server approaches its capacity.

  1. Clean the SFTP server from old or unnecessary files.

    For more on how to access your SFTP server folder, refer to this section.

  2. Ensure that the workflows that clean your SFTP servers are successfully executing.

    For more on technical workflows in Adobe Campaign, refer to the dedicated Campaign Classic and Campaign Standard documentations.

  3. Reach out to your account team to request more storage (additional charges may apply).

  4. Reach out to Customer Care if you believe there is an issue.

IP range whitelisting

SFTP servers are protected. In order to be able to access them in order to view files or write new ones, you need to whitelist the public IP address of the system or client that accesses the servers.
The steps to manage IP addresses whitelisting are described in the section below.

CIDR (Classless Inter-Domain Routing) is the supported format when adding IP ranges with the Control Panel interface.

The syntax consists of an IP address, followed by a '/' character, and a decimal number. The format and its syntax are fully detailed in this article.

You can search on the internet for free online tools that will help you convert the IP range that you have in hand to CIDR format.

Make sure you follow the recommendations and limitations below when whitelisting IP addresses in the Control Panel.

  • Whitelist IP ranges rather than single IP addresses. To whitelist a single IP address, append a '/32' to it to indicate that the range only includes a single IP.
  • Do not whitelist very wide ranges, for example including > 265 IP addresses. The Control Panel will reject any CIDR-format ranges that are between /0 and /23.
  • Only public IP addresses can be whitelisted.
  • Make sure to regularly delete whitelisted IP addresses that you don't need anymore.

Follow the steps below to whitelist an IP range:

  1. Open the SFTP card, then select the IP Whistelisting tab.

  2. The list of whitelisted IP addresses displays for each instance.

    Select the desired instance from the left-hand side list, then click the Add new IP range button.

  3. Define the IP Range that you want to whitelist, in the CIDR format, then define the label that will display in the list.


    These special characters are allowed in the Label field:

    . _ - : / ( ) # , @ [ ] + = & ; { } ! $



    An IP range cannot overlap an existing whitelisted range. In that case, first delete the range that contains the overlapping IP.

    It is possible to whitelist a range for multiple instances.

    To do this, press the down arrow key or type the first letters of the desired instance, then select it from the suggestions list.

  4. Click the Save button. IP whitelist addition will be displayed as PENDING until the request is fully processed. This should only take a few seconds.

To delete whitelisted IP ranges, select them then click the Delete IP range button.



It is currently not possible to edit a whitelisted range. To modify an IP range, delete it, then create a one corresponding to your needs.

The Job Log in the Control Panel home page lets you monitor all changes that have been made to whitelisted IP addresses.

For more on the Control Panel interface, refer to this section.


Key management

Adobe recommends that all customers establish connection to their SFTP servers with a public and private key pair.

The steps to generate a public SSH key and add it to access the SFTP server are decribed below, as well as recommendations regarding  authentication.

Once access to the server is set up, remember to whitelist the IP addresses that will require access to the server so that you can connect to it. For more on this, refer to the dedicated section.


It is currently not possible to delete a SSH public key.

About the public SSH key

Make sure you always use the same authentication to connect to the server, and you are using a supported format for the key.

API integration with username and password

In very rare cases password based authentication is enabled on some SFTP servers. Adobe recommends that you use key based authentication, as this method is more efficient and secure. You can request to switch to key based authentication by contacting Customer Care. 


If you password expires, even if there are keys installed on your system, you will not be able to login to your SFTP accounts. 



The steps below are an example of SSH key creation only, please follow your organization guidelines with respect to SSH keys. The example below is just one example of how this can be done and serves as a helpful point of reference for communicating requirements to your team or internal network group. 

  1. Navigate to the Key Management tab, then click the Add public key button.

  2. In the dialog box that opens, select the username that you want to create the public key for, and the server for which you want to activate the key.


    The interface will check if a given username is active on a given instance and give you an option to activate the key on one or several instances. 

    One or more public SSH keys can be added for each user.

  3. Copy-paste the public SSH key. To generate a public key, follow the steps below corresponding to your operating system:


    The public SSH key size should be 2048 bits.

    Linux and Mac:

    Use the Terminal to generate a public and private key pair:

    1. Enter the command: "ssh-keygen -t rsa -C <>".
    2. Provide a name to your key when prompted. If the .ssh directory does not exist, the system will create one for you.
    3. Enter, then re-enter, a passphrase when prompted. It can also be left blank.
    4. A key pair "name" and "" is created by the system. Search for the "" file, then open it. It should have alpha-numeric string ending with the email address that you specified. 


    You might need to install a third party tool that will help you generate private/public key pair in the same format "".

  4. Open the .pub file, then copy-paste the whole string starting with "ssh..." into Control Panel.

  5. Click the Save button to create the key. Control Panel saves the Public key and its associated Fingerprint, encrypted with the SHA256 format.

    You can use fingerprints to match the Private keys that are saved on your computer with the corresponding Public keys saved in Control Panel. 



    The "..." button allows you to delete an existing key, or to copy its associated fingerprint into your clipboard.


Logging into your SFTP server

The steps below detail how to connect your SFTP server through your SFTP client application.

Before logging in to the server, make sure that:

  • Your SFTP server is  hosted by Adobe.
  • Your username has been setup for the server. You can check this information directly in Control Panel, in the Key management tab from the SFTP Card.
  • You have a private and public key pair to login to the SFTP server. Refer to the section above for more on how to add the SSH key.
  • Your public IP address has been whitelisted on the SFTP server. If not, refer to section above for more on how to whitelist your IP range.
  • You have an access to a SFTP client software. You can consult your IT department for SFTP client application that they recommend to use, or search for one on the internet if this is allowed by your company policies.

Follow the steps below to connect your SFTP server:

  1. Launch Control Panel, then select the Key Management tab from the SFTP card.

  2. Launch your SFTP client application, then copy-paste the server address from Control Panel, followed by "", then fill in your username.

  3. In the SSH Private Key field, select the private key file stored in your computer. It corresponds to a text file that has the same name as your public key, without the ".pub" extension (e.g., "enable").


    The Password field is automatically filled in with the private key from the file.


    You can check that the key you are trying to use is saved in the Control Panel by comparing the fingerprint of the private or public key with the fingerprint of the keys appearing in the SFTP card's Key Management tab.



    If you are using a Mac computer, you can view the fingerprint of the private key stored in your computer by running this command:  "ssh-keygen -lf <path of the privatekey>"

  4. Once all the information filled in, click Connect to log in to your SFTP server.


Common questions

You most likely need to get an access to the Stage/Dev instance in order to be able to manipulate stage/dev instances’ SFTP server.

Reach out to your Organization Administrators so that they add you to the instance's admin users list for the desired stage/dev instance. Detailed information is available here.

FTP servers won’t be hosted by Adobe. 

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy