Every developer who has been handed “the partner needs SFTP” knows where it goes: a VM, an SSH daemon, an OS to keep patched, an authorized_keys file to manage, a cron job to sweep the inbox, and a script to push each file into whatever your application actually wants. That is a small fleet of moving parts standing between a file landing and your code seeing it. Hosted SFTP collapses that into an endpoint someone else operates — and FTPasHTTPS takes it one step further by making that endpoint API-native, so the upload arrives at your application as an HTTP request rather than a file on a volume you now have to guard.
How hosted SFTP works on FTPasHTTPS
- Provision a server in the dashboard with a small JSON config — no VM, container or SSH daemon to stand up.
- Register your partners' SSH public keys against named users; key management lives in the dashboard, not an
authorized_keysfile. - A client connects over SFTP with key auth and runs
STOR(upload) orRETR(download) exactly as it would against any SFTP server. - On upload, the file bytes stream straight into the body of an HTTPS
POSTto your endpoint — or into S3, GCS, Azure Blob or another SFTP server — never touching disk. - On download, FTPasHTTPS calls your API and streams the returned bytes back to the client.
- Your API's status maps to the client's transfer result:
200becomes226 Transfer complete, a5xxbecomes451 Action abortedso the client retries.
Configuration + example
A hosted SFTP server is declared as a compact, IaC-friendly JSON document. You set the protocol, the SSH-key auth mode, the users with their public keys, and a forward target for where uploads should go:
# Hosted SFTP server with an HTTP POST forward
{
"protocol": "sftp",
"domain": "files.example.com",
"auth": { "type": "ssh-key" },
"users": [
{
"username": "acme-partner",
"ssh_keys": [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAI..."
]
}
],
"forward": {
"type": "http",
"url": "https://api.example.com/v1/ingest",
"method": "POST",
"sign_with": "hmac-sha256"
}
}
Your partner — or you, while testing — then connects with a normal SFTP client and puts a file. Nothing about the client side is special:
# Connect to your hosted SFTP endpoint and upload sftp -i acme_key [email protected] sftp> put orders-2026-06-20.csv Uploading orders-2026-06-20.csv 100% 42KB 226 Transfer complete # Behind the scenes, the bytes streamed into a signed # POST to https://api.example.com/v1/ingest — no disk involved
One config, any destination. Swap the forward block to point the same hosted SFTP endpoint at a webhook, an S3 / GCS / Azure Blob bucket, or another SFTP server — no client-side change. See SFTP to HTTP POST for the request shape and SFTP to S3 for cloud-storage forwarding.
FTPasHTTPS hosted SFTP vs. a DIY SFTP box
| Concern | DIY: self-hosted SFTP box (+cron+script) | FTPasHTTPS hosted SFTP |
|---|---|---|
| OS patching & uptime | You own the VM, daemon and kernel CVEs | Managed for you — nothing to patch |
| Key management | Edit authorized_keys by hand | SSH keys managed per user in the dashboard |
| Where files go | Land on a disk, then a script moves them | Stream to your API, cloud or SFTP — no disk |
| Transforms | Extra script and dependencies | Inline CSV/JSON/XML, schema validation, PGP |
| Retries & DLQ | Hand-rolled, often missing | Exponential backoff + dead-letter queue |
| Audit trail | Scattered across syslog | Full audit log per transfer |
| Protocols | Usually SFTP only | FTP, FTPS and SFTP, IPv4/IPv6 |
When to use it (and the limits)
Hosted SFTP is the right call when a partner mandates SFTP but you would rather not own an internet-facing SSH daemon, when you want uploads to arrive as HTTP requests or land directly in cloud storage, and when you want SSH keys, transforms and retries managed for you. SFTP (SSH key auth), custom domains, inline transforms and schema validation begin on the Professional plan (€49/server/month: 10,000 transfers, 50GB). The Free and Starter tiers are FTP/FTPS only, so you can prototype the same forwarding contract over FTPS before a partner cuts over to SFTP.
A few limits worth knowing up front: forwarding happens per file at transfer time, so this is not a batch tool for re-syncing files you already have somewhere. Object keys and request shapes are derived from the upload, not from arbitrary client paths. And throughput is bounded by each plan's monthly transfer and size caps — 10,000 transfers / 50GB on Professional, 50,000 / 250GB on Enterprise. FTPasHTTPS is GDPR-aligned and EU-hosted.
Plans for hosted SFTP
Pricing is per server per month, so a hosted SFTP endpoint costs the same whether one partner or one team uses it. Free (€0) is FTP-only with 100 transfers, 1GB and a single user, needs no credit card, and is the fastest way to prove a forwarding flow end to end. Starter (€19) adds FTPS on top of FTP with 1,000 transfers and 5GB, which is enough to run a real low-volume integration over TLS. Neither of these tiers includes SFTP, but the forward target you configure on them behaves identically once you upgrade, so nothing you build is throwaway.
SFTP itself begins on Professional (€49), which unlocks SSH-key SFTP, a custom domain, inline transforms (CSV↔JSON↔XML, compression) and schema validation, with 10,000 transfers and 50GB. Enterprise (€99) is for partners that demand more controls: it adds SSO/SAML, a dedicated IP you can hand to a partner's allow-list, PGP encryption and unlimited users, with 50,000 transfers and 250GB. Because every tier shares the same streaming, signing, retry and audit machinery, moving up a plan is a configuration change, not a re-architecture.
Frequently asked questions
What is hosted SFTP and how is it different from a managed SFTP server?
Hosted SFTP means you get a ready-to-use SFTP endpoint that someone else operates, so there is no SSH daemon to install, no OS to patch and no authorized_keys file to edit. FTPasHTTPS goes further than a plain managed SFTP box because it is API-native: every upload streams into an HTTPS POST to your endpoint instead of landing on disk.
Do I have to run a server for hosted SFTP on FTPasHTTPS?
No. There is no server, VM or container for you to provision, patch or scale. You define a server in the dashboard with a small JSON config, register SSH keys per user, and point clients at the endpoint. This is the serverless SFTP model, billed per server per month.
Does hosted SFTP on FTPasHTTPS use SSH key authentication?
Yes. SFTP uses SSH key authentication, which you register per user, so there are no shared passwords to leak. You manage every public key from the dashboard rather than editing an authorized_keys file by hand.
Can hosted SFTP uploads be delivered straight to my API?
Yes. On upload, the file bytes stream straight into the body of an HTTPS POST to your endpoint, signed with HMAC-SHA256. You can also forward the same upload to S3, GCS, Azure Blob or another SFTP server, and downloads fetch bytes from your API on demand.
Which plan do I need for hosted SFTP?
SFTP starts on the Professional plan at €49 per server per month, which also adds custom domains, inline transforms and schema validation. The Free and Starter tiers are FTP and FTPS only, so you can prototype the flow over FTPS before a partner cuts over to SFTP.
Spin up hosted SFTP in minutes
Define a server, register an SSH key, point a client at it. A managed SFTP endpoint with your API on the other end — no servers to babysit.
Start free — no credit card