Sterling B2B Integrator - Managing Profiles in EBICS Client

A Super admin or an EBICS Client admin can configure bank, user, offer, and file format profiles.

Profile Management in EBICS Client enables you to configure the following profiles. A Super admin or an EBICS Client admin can configure the profiles.

  • Bank
  • User
  • Offer
  • File format
Note: A Super admin is the default admin role created when EBICS Client is installed. An authorized user can log in to the EBICS Client dashboard interface using the super admin login credentials and configure an EBICS Client admin, EBICS Client operator, and EBICS Client user and other profiles. An EBICS Client admin can also configure an EBICS Client admin, EBICS Client operator, EBICS Client user, and other profiles.

You can configure an existing Sterling B2B Integrator user as an EBICS Client user from the Profile Management menu.

Configure the following in Sterling B2B Integrator:
  • Create trading partner entities.
  • Create user accounts using the trading partner entities, define permissions and password policies.
  • Configure upload and download mailboxes for each user.

A user can be under either one partner or multiple partners. A user is always associated with a partner to enable exchange of EBICS messages. To configure an existing Sterling B2B Integrator user as an EBICS Client user, complete the following steps:

  1. Log in to Sterling B2B Integrator EBICS Client.
  2. From the Profile management menu, select User.
  3. In the User Configuration page, next to Configure existing user as EBICS user click GO.
  4. In the User Configuration page, specify the values for the fields according to the instructions in the following table and click Next:
    Field
    Description
    User IDRequired. Unique ID of the user in the bank's system, which corresponds to the user created in the EBICS Client dashboard. From the User ID drop-down list, select the user ID.
    User typeRequired. From the User type drop-down list, select the role of the user. Valid values are EBICS client admin, EBICS client operator, and EBICS client user.
    TimezoneOptional. Specify the time zone of the user.
    Technical userOptional. A technical user is a system configured to submit orders on behalf of a non-technical or human user. This option is valid if you selected EBICS Client User as the user type. Select this check box to configure a Technical user.
    Certificate typeRequired if you selected EBICS client user as the user type. Select X509 if you are using X.509 public key certificate to authorize the certificates. Select Keys if you are using RSA keys to authorize the certificates.
    Note: EBICS Client supports non-encrypted keys only.
  5. If you selected X509 as the certificate type, specify the values for the fields according to the instructions in the following table in the Technical Information page and click Next:
    Field
    Description
    Authentication private certificateRequired. Select the private key the EBICS Client uses to create a digital signature for the user in the request sent to the bank. The bank must have the public part of the key to validate the authorization. The drop-down contains a list of certificates configured in the Sterling B2B Integrator system certificate store.
    Authentication public certificateRequired. Select the public key the user provides to the bank to validate the authorization of the user in the request from the EBICS Client. The trading partner or user shares the key with the bank. The key must be a public part of the Sterling B2B Integrator system certificate that is selected as the authentication private certificate.
    Authentication key versionThe key version of the authentication certificate is displayed. Valid value is X002.
    Encryption private certificateRequired. Select the private key the EBICS Client uses to decrypt the response received from the EBICS Banking Server. The drop-down contains a list of certificates configured in the Sterling B2B Integrator system certificate store.
    Encryption public certificateRequired. Select the public part of the Sterling B2B Integrator system certificate that is selected as the encryption private certificate. The trading partner or user shares the key with the bank.
    Encryption key versionThe key version of the encryption certificate is displayed. Valid value is E002.
    Use hardware key-store for Electronic signatureOptional. Select this option if you have an activated 3S Key token.
    Hardware key type3S Key is displayed as the Hardware key type. 3SKey is a SWIFT secure signature key used for digital identity. You must activate the 3SKey token and register the key with the bank to enable you to sign and send messages to the bank.
    Electronic signature private keyOptional. Select the private key of the Electronic Signature (ES) certificate if you are not using a hardware key for Electronic Signature.
    Electronic signature public keyRequired. Select the public key of the Electronic Signature (ES) certificate that is used to verify the signature of order data. The public key value of an electronic signature certificate should not be the same as an authentication or encryption certificate.
    Electronic signature key versionRequired if you are not using a hardware key store for electronic signature. Select the key version of the electronic signature certificate. Valid values are A005 and A006.

    If you are using a hardware key store for electronic signature, then the key version is set to A005 and it cannot be changed.

  6. If you selected Keys as the certificate type, specify the values for the fields according to the instructions in the following table in the Technical Information page and click Next:
    Field
    Description
    Authentication private keyRequired. Click Browse to select the file with the private part of the authentication key from your computer.
    Authentication public keyRequired. Click Browse to select the file with the public part of the authentication key from your computer.
    Authentication key versionRequired. Select the key version of the authentication certificate. Valid value is X002.
    Encryption private keyRequired. Click Browse to select the file with the private part of the encryption key from your computer.
    Encryption public keyRequired. Click Browse to select the file with the public part of the encryption key from your computer.
    Encryption key versionRequired. Select the key version of the encryption certificate. Valid value is E002.
    Electronic signature private keyRequired. Click Browse to select the file with the private part of the Electronic signature key from your computer.
    Electronic signature public keyRequired. Click Browse to select the file with the public part of the Electronic signature key from your computer.
    Electronic signature key versionRequired. Select the key version of the Electronic signature certificate. Valid values are A005 and A006.
  7. In the Associated Partners page, perform any of the following actions and click Next.
    • Click the add icon to associate a new partner with user.
    • Click the update icon next to the partner you want to edit.
    • Click the delete icon to disassociate a partner from the user.
  8. This step is applicable only if you opted to add a new partner or edit an existing partner.
    The bank assigns a set of permissions, order types, and file formats to a user based on the offer.
    In the Associated partner: User settings page, specify the values for the fields according to the instructions in the following table, and click Add partner.
    Field
    Description
    Partner nameRequired. From the Partner name drop-down list, select the partner to which a user is associated. A user can be associated with many partners.
    Note: Use the Sterling B2B Integrator dashboard to create trading partner entities.
    Upload mailbox path

    Required. Configure the upload mailbox and assign users to operate the mailbox in Sterling B2B Integrator.

    Specify the mailbox path for the uploaded messages. You must assign a mailbox path to store the unpacked messages from an EBICS request.
    If the mailbox (User ID, Partner name, Inbox), already exists in Sterling B2B Integrator and if you leave this field blank, an error message asking you to specify the default mailbox path is displayed.
    Note: Ensure that the mailbox path starts with a forward slash (/).
    Download mailbox path

    Required. Configure the download mailbox and assign users to operate the mailbox in Sterling B2B Integrator.

    Specify the mailbox path for the downloaded messages. You must assign a mailbox path to store the messages that are packaged as part of an EBICS response.
    If the mailbox (User ID, Partner name, Outbox) already exists in Sterling B2B Integrator, and if you leave this field blank, an error message asking you to specify the default mailbox path is displayed.
    Note: Ensure that the mailbox path starts with a forward slash (/).
  9. This step is applicable if you selected to configure the user delegation settings for a Technical user. In the Associated Partners page, perform any of the following actions and click Next.
    • Click the add icon to associate a new partner with the Technical user.
    • Click the update icon next to the partner you want to edit.
    • Click the delete icon to disassociate a partner from the Technical user.
  10. This step is applicable if you are configuring user delegation settings for a Technical user. In the Associated partner: User settings page, specify the values for the fields according to the instructions in the following table, and click Add partner.
    Field
    Description
    Partner nameRequired. From the Partner name drop-down list, select the partner to which a user is associated. A user can be associated with many partners.
    Note: Use the Sterling B2B Integrator dashboard to create trading partner entities.
    Delegate ofRequired. Select the user who will be delegating their tasks to the technical user.
  11. In the Associated Partners page, click Next.
  12. In the Confirm page, verify the user configuration settings, and click Finish. You can also click the Show All link next to Associate Partners to view the list of partners associated with the user.

You can search for a user profile from the Profile Management menu.

To search for a user profile, complete the following steps:

  1. Log in to Sterling B2B Integrator EBICS Client.
  2. From the Profile management menu, select User.
  3. In the User Configuration page, perform one of the following actions, and click GO.
    • In the User ID field under Search, enter either a part of the user ID or the entire user ID of the user profile you are searching for.
    • From the Alphabetically drop-down list, select the first letter with which the ID of the user you are searching for, begins.

You must be logged in to the EBICS Client dashboard interface as an administrator to update a user profile, delete a user profile, or view the summary of a user.

To edit a user profile, complete the following steps:

  1. Log in to Sterling B2B Integrator EBICS Client.
  2. From the Profile management menu, select User.
  3. In the User Configuration page, using either Search or List, locate and select the user ID you want to edit, and click GO.
    You can click the user ID to view the user profile settings.
  4. Click the update icon next to the user ID you want to edit.
  5. In the Update: User Configuration page, specify the values for the fields according to the instructions in the following table and click Next:
    Field
    Description
    TimezoneOptional. Select the time zone of the user.
    Technical userOptional. A technical user is a system configured to submit orders on behalf of a non-technical or human user. This option is valid if you selected EBICS Client User as the user type. Select this check box to configure a Technical user.
    Certificate typeRequired if you selected EBICS client user as the user type. Select X509 if you are using X.509 public key certificate to authorize the certificates. Select Keys if you are using RSA keys to authorize the certificates.
    Note: EBICS Client supports non-encrypted keys only.
  6. If you selected X509 as the certificate type, specify the values for the fields according to the instructions in the following table in the Technical Information page and click Next:
    Field
    Description
    Authentication private certificateRequired. Select the private key the EBICS Client uses to create a digital signature for the user in the request sent to the bank. The bank must have the public part of the key to validate the authorization. The drop-down contains a list of certificates configured in the Sterling B2B Integrator system certificate store.
    Authentication public certificateRequired. Select the public key the user provides to the bank to validate the authorization of the user in the request received from the EBICS Client. The trading partner or user shares the key with the bank. The key must be a public part of the Sterling B2B Integrator system certificate that is selected as the authentication private certificate.
    Authentication key versionThe key version of the authentication certificate is displayed. Valid value is X002.
    Encryption private certificateRequired. Select the private key the EBICS Client uses to decrypt the response received from the EBICS Banking Server. The drop-down contains a list of certificates configured in the Sterling B2B Integrator system certificate store.
    Encryption public certificateRequired. Select the public part of the Sterling B2B Integrator system certificate that is selected as the encryption private certificate. The trading partner or user shares the key with the bank.
    Encryption key versionThe key version of the encryption certificate is displayed. Valid value is E002.
    Use hardware key-store for Electronic signatureOptional. Select this option if you have an activated 3S Key token registered with the bank.
    Hardware key type3S Key is displayed as the Hardware key type. 3SKey is a SWIFT secure signature key used for digital identity. You must activate the 3SKey token and register the key with the bank to enable you to sign and send messages to the bank.
    Electronic signature private keyOptional. Select the private key of the Electronic Signature (ES) certificate if you are not using a hardware key for Electronic Signature.
    Electronic signature public keyRequired. Select the public key of the Electronic Signature (ES) certificate that is used to verify the signature of order data. The public key value of an Electronic Signature certificate should not be the same as an authentication or encryption certificate.
    Electronic signature key versionRequired if you are not using a hardware key store for electronic signature. Select the key version of the electronic signature certificate. Valid values are A005 and A006.

    If you are using a hardware key store for electronic signature, then the key version is set to A005 and it cannot be changed.

  7. If you selected Keys as the certificate type, specify the values for the fields according to the instructions in the following table in the Technical Information page and click Next:
    <
    Field
    Description
    Authentication private keyRequired. Click Browse to select the file with the private part of the authentication key from your computer.
    Authentication public key