Skip to main content
A single Bucket in Nightly represents an SFTP server. Buckets have users, which in turn have files. Each Nightly account gets one Bucket for free, and each additional Bucket is $5 per month. There is no limit on the total number of Buckets that you can create, and you can delete Buckets at any time.

Bucket Best Practices

Each Bucket has its own hostname that you can use to connect to it. This hostname is unique to your account and will not change. The Nightly dashboard also provides the ability to add a custom domain to a Bucket if you wish to use your own (sub)domain name. One way to utilize Buckets is to create a Bucket for each of your clients and then users for each accessor of that Bucket. If you do not wish to create a new Bucket for each customer due to cost or other limitations, you can also limit each user to a specific directory within a Bucket. This is done by setting the user’s home directory at creation. For example, if your default Bucket is located at acme.sftp.nightly.sh and you have a customer named example, you can create a new user within the acme bucket and set their home directory to /example. This will limit the user to only being able to access the /example directory within the acme Bucket. Although this does not separate the data between customers at the file system level, it does prevent users from accessing data that they should not have access to.

Example Customer Onboarding Flow

Here is an example automated workflow that your service could implement for each new customer that requires SFTP access:
  1. Either create a new Bucket for the customer or create a new user within an existing Bucket.
  2. Encrypt the user’s credentials in your database.
  3. Show the user their bucket hostname, their username, and their password within your UI.
  4. Optional: Allow the user to reset their SFTP password from your UI by calling the Update User API endpoint with their new password.
In an EdTech company, for example, this workflow would be activated for every new school district added to the platform and the credentials would be surfaced to technical administrators who are configuring the nightly file transfers.