What is SFTP / FTP integration?
SFTP (SSH File Transfer Protocol) and FTP (File Transfer Protocol) integration means automating file exchange between your app and an external server — picking up inbound files on a schedule, uploading outbound files when triggered, or both. SFTP is the secure, modern option: despite the similar name it is a separate protocol that runs over SSH, so credentials and file contents are encrypted in transit. FTP is the older, unencrypted protocol that some legacy systems still require.
Despite the prevalence of APIs in modern software, SFTP remains a deeply entrenched standard in certain industries. Banks, government agencies, large retailers, insurers, and aged care providers frequently exchange files via SFTP because their core systems are decades old and rebuilding them around REST APIs is not on anyone's roadmap. If your app needs to integrate with any of these organisations, you will likely need SFTP support.
Common examples: a payroll app that delivers ABA bank files to a bank's SFTP server; a logistics platform that collects inventory files from a supplier's SFTP drop; a healthcare app that submits reports to a government SFTP endpoint; a retail app that pulls daily sales extracts from a large retailer's SFTP share.
When does your app need it?
- You're integrating with a bank, government agency, or large corporate whose systems only support SFTP file exchange
- Your app needs to receive regular data feeds (inventory updates, price lists, sales data) from a partner who delivers via SFTP
- You're submitting compliance or regulatory reports to a government body that accepts files via SFTP
- You're replacing a manual process where someone logs into an FTP server daily to pick up or drop off files
- A B2B customer or partner has specified SFTP as their preferred integration method
- Your app generates batch output files (payroll, orders, reconciliation) that need to be delivered to another system overnight
How much does it cost?
Adding SFTP integration typically adds 5–11 hours of development — roughly $1,000–$2,000 AUD at Australian boutique agency rates.
A straightforward implementation (scheduled polling of one SFTP server, download new files, process and import) sits at the lower end. Integrations with multiple SFTP endpoints, complex file processing logic, outbound upload triggered by app events, retry and error handling, and admin monitoring sit at the upper end.
How it's typically built
SFTP connections in Node.js are handled using the ssh2-sftp-client library, which provides a clean async interface for listing, downloading, and uploading files over SSH. The developer connects using either a username/password or an SSH key pair — SSH keys are strongly preferred for automation as they're more secure and don't require storing passwords.
For inbound file polling, a scheduled job (AWS EventBridge, Vercel Cron, or a cron task on a server) connects to the SFTP server at a defined interval (every 15 minutes, hourly, nightly), lists new files, downloads them, processes them (parsing CSV, triggering import logic), and moves or deletes them from the remote server to prevent reprocessing.
For outbound file delivery, the upload is triggered by an event in your app (a batch run completing, a user approving a payroll) — the app generates the required file format and uses the SFTP client to upload it to the correct path on the remote server.
Known hosts verification (confirming the remote server's SSH fingerprint matches the expected value) is included to prevent man-in-the-middle attacks. Credentials and private keys are stored in environment variables or a secrets manager, never in source code.
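The host key check and the environment-based credentials described above, as an added example (not code from this page or from the ssh2-sftp-client project). The environment variable names and the sample values are assumptions; the returned object uses the connection options of the underlying ssh2 library, which ssh2-sftp-client accepts in `connect()`.

```javascript
// Added example: pin the SFTP server's host key and build the connection
// settings from environment variables. Variable names are assumptions.
const crypto = require('node:crypto');

// OpenSSH-style fingerprint: "SHA256:" + unpadded base64 of the SHA-256
// digest of the raw host key blob (the format `ssh-keygen -lf` prints).
function fingerprint(hostKey) {
  const digest = crypto.createHash('sha256').update(hostKey).digest('base64');
  return 'SHA256:' + digest.replace(/=+$/, '');
}

// Returns a function for ssh2's `hostVerifier` option. With no `hostHash`
// option set, ssh2 passes the raw host key as a Buffer. Returning false
// aborts the handshake before any credentials are sent.
function makeHostVerifier(pinned) {
  if (!/^SHA256:[A-Za-z0-9+/]{43}$/.test(pinned || '')) {
    // Fail closed: a missing pin must never mean "accept any server".
    throw new Error('pinned host fingerprint missing or malformed');
  }
  const expected = Buffer.from(pinned);
  return (hostKey) => {
    const actual = Buffer.from(fingerprint(hostKey));
    return actual.length === expected.length &&
      crypto.timingSafeEqual(actual, expected);
  };
}

// Builds the connect() settings from the environment, refusing to start if
// any secret or the pinned fingerprint is absent.
function buildConnectConfig(env) {
  const required = ['SFTP_HOST', 'SFTP_USER', 'SFTP_PRIVATE_KEY', 'SFTP_HOST_FINGERPRINT'];
  for (const name of required) {
    if (!env[name]) throw new Error(`missing required setting ${name}`);
  }
  return {
    host: env.SFTP_HOST,
    port: Number(env.SFTP_PORT || 22),
    username: env.SFTP_USER,
    privateKey: env.SFTP_PRIVATE_KEY, // injected by the secrets manager
    hostVerifier: makeHostVerifier(env.SFTP_HOST_FINGERPRINT),
  };
}

// Constructed sample values so the example runs offline.
const sampleHostKey = Buffer.from('constructed-sample-host-key-blob');
const sampleEnv = {
  SFTP_HOST: 'sftp.example.com', SFTP_USER: 'batch-user',
  SFTP_PRIVATE_KEY: 'constructed-placeholder-not-a-real-key',
  SFTP_HOST_FINGERPRINT: fingerprint(sampleHostKey),
};
```

In a real deployment the pinned fingerprint comes from the counterparty through a separate channel, and the scheduled job passes `buildConnectConfig(process.env)` to the SFTP client's `connect()`.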
Questions to ask your developer
- Is this SFTP (SSH-based) or plain FTP? Confirm with the counterparty — plain FTP is unencrypted and some cloud providers block outbound FTP; SFTP is preferred and far more common.
- Will authentication use a password or SSH key pair? The counterparty controls this — get the connection details (host, port, username, credential type) before scoping.
- How often does the SFTP server need to be polled, and what happens if a file is missed? Define the schedule and the error handling (retry, alert, dead-letter queue) before building.
- Who monitors the integration when it fails? SFTP servers go down, credentials expire, and file formats change — there needs to be an alerting mechanism and a clear owner for responding to failures.
- Is there a test SFTP environment available? Counterparties with proper integration processes provide a staging SFTP server for testing; if not, agree on how integration testing will work before the project starts.