How to set up an AS2 EDI connection

An AS2 EDI connection involves JSCAPE software, exchanging connection a with your trading partner, and using digital certificates to enhance security.
  1. Blog

Many organizations that employ electronic data interchange (EDI) in their business-to-business (B2B) transactions exchange EDI messages through the Applicability Statement 2 (AS2) protocol. EDI communications carried out over AS2 are sometimes called AS2 EDI. Known for being secure, cost effective and reliable, AS2 EDI is commonly used in automobile and manufacturing supply chains. It’s also popular in healthcare, retail and e-commerce industries.

A graphic of AS2 connection between two companies

In this post, we’ll give you an overview of what it takes to set up an AS2 EDI connection. If you prefer to dive into a more detailed step-by-step tutorial on this topic, read our blog post on how to set up an AS2 server. Before we proceed, let’s briefly review the motivations for using AS2 EDI.

What drives companies to use AS2 EDI?

When two trading partners decide to adopt electronic data interchange for their B2B transactions, they have to agree on a method for exchanging EDI data. This data is received from Enterprise Resource Planning (ERP) systems or other business applications and consists of digitized business documents like purchase orders, invoices, advance ship notices (ASNs) and many others.

Depending on the format the two participating partners agree on, these documents are usually encoded in structured formats such as ANSI X12, EDIFACT, XML or even plain comma-separated value (CSV) text files. Although AS2 is now often the preferred method for transmitting these files, there are other EDI solutions that can be used for this purpose.

For instance, in the past, the most common method for EDI data exchange used to be Value Added Networks (VANs). VANs are third-party service providers that act as middlemen between two transacting trading partners.

Why use AS2 instead of a VAN?

The popularity of VANs in EDI communications started to wane when businesses realized that EDI data exchanges through a direct, point-to-point solution presented multiple advantages over an intermediary like a VAN. So why exactly is a point-to-point solution like AS2 better than a value-added network? Here are some of the reasons businesses are choosing AS2 over a VAN:

  • Cost savings: - VANs quickly become cost-prohibitive once your business grows and consequently requires a larger number of transactions and EDI files. An AS2 solution scales without incurring as much added cost.
  • Greater control:  - When you course EDI communications through a VAN, you lose control over the speed, reliability and security of your EDI exchanges. If your VAN responds poorly to issues that affect those properties, your business can suffer. With an on-premise AS2 solution, you’ll be able to act on those issues right away.
  • Fast onboarding: - Some VANs can take months to onboard a new trading partner. This amount of delay can result in lost opportunities. In comparison, a trading partner with the right AS2 solution can be onboarded in as little as a few days.

Driven by these benefits, many large enterprises include AS2 as a requirement for trading partners that wish to do business with them. In the retail sector, for example, Walmart requires suppliers to use AS2.

AS2 isn’t the only point-to-point solution for exchanging EDI messages. Theoretically speaking, you can use any general-purpose file transfer solution as well. That said, AS2 offers a significant advantage over these options. Let us show you with a free trial.

Why use AS2 instead of general-purpose file transfer protocols?

If all you need is a point-to-point solution that would allow you to transfer business-related data over the internet, any Transmission Control Protocol/Internet Protocol (TCP/IP)-based protocol with file transfer functionality should suffice.

Of course, since business data has to be protected from cyber threats, unencrypted protocols like the standard File Transfer Protocol (FTP) won’t do. You would need more secure protocols like Secure File Transfer Protocol (SFTP) or File Transfer Protocol Secure (FTPS).

Protocols like SFTP and FTPS are not only capable of transmitting files over the internet but are also equipped with data security features like encryption, authentication, and data integrity mechanisms. These features enable you to protect EDI payloads and other sensitive data as you transmit them across the internet.

That said, AS2 has one crucial feature not found in these protocols. AS2 supports what’s known as Message Disposition Notification (MDN). An MDN is a special feature that requires receiving trading partners to send back a digitized acknowledgement for every file it receives from a sending trading partner.

This electronic receipt, which can even be sent back in near real-time when the MDN configuration is set to “‘synchronous”’, adds a non-repudiation component to file transfers. Non-repudiation is crucial in B2B exchanges because it gives you, the sender, undeniable proof that the file you sent out arrived at its destination intact and untampered.

Sample AS2 EDI use cases

The following use cases illustrate how AS2 EDI may be used in different industries.

AS2 in the manufacturing industry

A manufacturer and supplier may use AS2 to exchange purchase orders, dispatch advises, order fulfillment, invoices and other relevant documents. AS2 ensures secure and timely transmission of these critical documents, enabling efficient inventory management, order fulfillment, and payment processing across the supply chain.

AS2 in the healthcare industry

Healthcare providers and insurance companies may use AS2 to exchange patient claims, diagnosis codes, treatment details, claims adjudication information, payment decisions and explanations of benefits (EOBs). AS2 EDI streamlines the claims processing workflow, reduces paperwork, minimizes errors and accelerates reimbursement for healthcare services rendered.

Key requirements for setting up an EDI AS2 connection

To establish an AS2 EDI connection with a trading partner, you must meet a few technical requirements. At the minimum, you must deploy an AS2 software and exchange connection details with your trading partner.

1. Deploy an AS2 software

First, you’ll need to deploy a software application that can send and receive AS2 messages. Since this application is supposed to exchange EDI data, it must not only have file transfer capabilities, but also support a range of security features suited for business processes.

That’s not all. Since today’s business processes have to be efficient, timely and accurate, your AS2 file transfer software must readily support automation. One example is JSCAPE MFT Server by Redwood, which we’ll elaborate more on in a short while.

Most AS2 software is difficult to deploy, but here’s a quick start guide that will help you get an AS2 server up and running in no time.

2. Exchange connection details with your trading partner

Once you’ve deployed your AS2 solution, the next step is to exchange AS2 connection details with your trading partner. This information will enable you and your trading partner to interconnect your respective AS2 solutions. At the bare minimum, you’ll need the following information from your trading partner:

  • Your trading partner’s AS2 URL a.k.a. AS2 endpoint URL. This is usually either an HTTP or HTTPS URL that specifies where AS2 messages for this particular trading partner should be sent. In the same manner, you must also share your own AS2 URL with your trading partner. For example, this is where you would enter a trading partner AS2 URL on JSCAPE MFT Server:

    A screenshot of the JSCAPE MFT Server

  • Your trading partner’s AS2 identifier or AS2 ID. You’ll need to input this identifier into the “‘From ID”’ field of your AS2 solution’s trading partner settings. In most cases, you’ll be entering this alongside your own AS2 identifier, which goes into the “‘To ID”’ field. For example, this is where you would input these two AS2 IDs on JSCAPE MFT Server:

    These identifiers will be added to your respective AS2 headers during transmission and will be used in identifying the sender and receiver of an EDI exchange.

It goes without saying, that you and your trading partner must enter the information shared to your respective AS2 solution trading partner settings. To clarify, you must enter the information shared by your trading partner, and your trading partner must likewise enter the information you shared with them.

We discussed all these settings and where you’re supposed to enter them on JSCAPE MFT Server in our AS2 quick start guide, so you can review that for reference.

While these basic requirements will already enable you to exchange EDI data with your trading partner, you’ll have to use digital certificates if you want to take full advantage of AS2’s security features.

3. Use digital certificates

AS2 security features like encryption/decryption, data integrity and even non-repudiation rely on the presence of digital certificates. Basically, in order to use these features, you and your trading partner must exchange digital certificates.

More specifically, you have to export your digital certificate and share it with your trading partner. Similarly, your trading partner must also export its digital certificate and share it with you. Once you’ve both acquired each other’s digital certificate, you must both import those certificates into your respective AS2 software.

The digital certificate you share with your trading partner contains a public key that corresponds to a private key stored in your AS2 software. Similarly, the digital certificate your trading partner shares with you contains a public key that corresponds to a private key stored in your trading partner’s AS2 software. Public/private key pairs work together to encrypt and decrypt data as well as apply and validate digital signatures, which are needed for in achieving data integrity and non-repudiation.

You’ll need digital certificates regardless of whether you run your AS2 connection over HTTPS or use AS2’s built-in encryption and digital signing capabilities. An AS2-over-HTTPS connection relies on HTTPS’ underlying Secure Sockets Layer/Transport Layer Security (SSL/TLS) cryptographic protocol to support data-in-transit encryption and mutual authentication.

If you wish to apply digital certificates to your AS2 connections, we encourage you to read the following articles:

Set up automated AS2 EDI connections with JSCAPE

On-premises AS2 solutions, like JSCAPE MFT Server, are in a better position to streamline your EDI workflows compared to VANs because they can be tightly integrated with your other on-premises IT solutions. This tight integration allows you to automate your workflows — a crucial capability for today’s business processes. JSCAPE MFT Server comes with a REST API and a range of connectors that make integration with other IT solutions fast and easy.

Of course, in order to easily automate your EDI workflows at the communications portion of your EDI environment, your AS2 solution must readily support automation.

A graphic of the AS2 connection between two companies

JSCAPE MFT Server comes with a graphical, low-code/no-code automation feature that enables you to quickly configure automated workflows with just a few clicks. This will allow you to send EDI documents on a schedule or in response to an event. For a tutorial on AS2 automation using JSCAPE MFT Server, read our blog post “How to set up automated AS2 file transfers

Would you like a demo showing how easy it is to set up AS2 EDI connections and automated workflows using JSCAPE MFT Server? Schedule a demo now.