Connect to an SFTP file server from workflows in Azure Logic Apps

Applies to: Azure Logic Apps (Consumption + Standard)

This how-to guide shows how to access your SSH File Transfer Protocol (SFTP) server from a workflow in Azure Logic Apps. SFTP is a network protocol that provides file access, file transfer, and file management over any reliable data stream and uses the Secure Shell (SSH) protocol.

In Consumption logic app workflows, you can use the SFTP-SSH managed connector, while in Standard logic app workflows, you can use the SFTP built-in connector or the SFTP-SSH managed connector. You can use these connector operations to create automated workflows that run when triggered by events in your SFTP server or in other systems and run actions to manage files on your SFTP server. Both the managed and built-in connectors use the SSH protocol.

For example, your workflow can start with an SFTP trigger that monitors and responds to events on your SFTP server. The trigger makes the outputs available to subsequent actions in your workflow. Your workflow can run SFTP actions that get, create, and manage files through your SFTP server account. The following list includes more example tasks:

  • Monitor when files are added or changed.
  • Get, create, copy, rename, update, list, and delete files.
  • Create folders.
  • Get file content and metadata.
  • Extract archives to folders.

The following steps use the Azure portal, but with the appropriate Azure Logic Apps extension, you can also use the following tools to create and edit logic app workflows:

Connector technical reference

The SFTP connector has different versions, based on logic app type and host environment.

Logic app type (plan) Environment Connector version
Consumption Multi-tenant Azure Logic Apps Managed connector, which appears in the designer under the Standard label. For more information, review the following documentation:

- SFTP-SSH managed connector reference
- Managed connectors in Azure Logic Apps
Consumption Integration service environment (ISE) Managed connector, which appears in the designer under the Standard label, and the ISE version, which appears in the designer with the ISE label and has different message limits than the managed connector. For more information, review the following documentation:

- SFTP-SSH managed connector reference
- ISE message limits
- Managed connectors in Azure Logic Apps
Standard Single-tenant Azure Logic Apps and App Service Environment v3 (Windows plans only) Managed connector, which appears in the designer under the Azure label and built-in connector, which appears in the designer under the Built-in label and is service provider based. The built-in connector can directly access Azure virtual networks with a connection string. For more information, review the following documentation:

- SFTP-SSH managed connector reference
- SFTP built-in connector reference

- Managed connectors in Azure Logic Apps
- Built-in connectors in Azure Logic Apps

General limitations

Known issues

By default, triggers that return an array have a Split On setting that's already enabled. With this setting enabled, the trigger automatically debatches the array by internally creating a separate workflow instance to process each array item. All the workflow instances run in parallel so that the array items are processed at the same time.

However, when the Split On setting is enabled, managed connector triggers return the outputs for all the array items as lists. Any subsequent actions that reference these outputs have to first handle these outputs as lists. To handle each array item individually, you can add extra actions. For example, to iterate through these array items, you can use a For each loop. For triggers that return only metadata or properties, use an action that gets the array item's metadata first, and then use an action to get the items contents.

You have to apply this approach only for managed connector triggers, not built-in connector triggers that return outputs for one array item at a time when the Split On setting is enabled.

For example, suppose you have managed connector trigger named When a file is added or modified (properties only) that returns the metadata or properties for the new or updated files as arrays. To get the metadata separately for each file, you might use a For each loop that iterates through the array. In this loop, use the following managed connector actions in the specified order:

  1. Get file metadata to get each file's metadata.

  2. Get file content action to get each file's content.

Chunking

For more information about how the SFTP-SSH managed connector can handle large files exceeding default size limits, see SFTP-SSH managed connector reference - Chunking.

Prerequisites

Add an SFTP trigger

  1. In the Azure portal, open your blank logic app workflow in the designer.

  2. On the designer, under the search box, select Standard. In the search box, enter sftp.

  3. From the triggers list, select the SFTP-SSH trigger that you want to use.

  4. If prompted, provide the necessary connection information. When you're done, select Create.

  5. After the trigger information box appears, provide the necessary details for your selected trigger. For more information, see SFTP-SSH managed connector triggers reference.

  6. When you're done, save your workflow. On the designer toolbar, select Save.

When you save your workflow, this step automatically publishes your updates to your deployed logic app, which is live in Azure. With only a trigger, your workflow just checks the FTP server based on your specified schedule. You have to add an action that responds to the trigger and does something with the trigger outputs.

For example, the trigger named When a file is added or modified starts a workflow when a file is added or changed on an SFTP server. As a subsequent action, you can add a condition that checks whether the file content meets your specified criteria. If the content meets the condition, use the action named Get file content to get the file content, and then use another action to put that file content into a different folder on the SFTP server.

Add an SFTP action

Before you can use an SFTP action, your workflow must already start with a trigger, which can be any kind that you choose. For example, you can use the generic Recurrence built-in trigger to start your workflow on specific schedule.

  1. In the Azure portal, open your logic app workflow in the designer.

  2. Under the trigger or action where you want to add the action, select New step.

    Or, to add the action between steps, move your pointer over the connecting arrow. Select the plus sign (+) that appears, and then select Add an action.

  3. Under the Choose an operation search box, select Standard. In the search box, enter sftp.

  4. From the actions list, select the SFTP-SSH action that you want to use.

  5. If prompted, provide the necessary connection information. When you're done, select Create.

  6. After the action information box appears, provide the necessary details for your selected action. For more information, see SFTP-SSH managed connector actions reference.

  7. When you're done, save your workflow. On the designer toolbar, select Save.

For example, the action named Get file content using path gets the content from a file on an SFTP server by specifying the file path. You can use the trigger from the previous example and a condition that the file content must meet. If the condition is true, a subsequent action can get the content.


Troubleshooting

For more information, see the following documentation:

Next steps