One of the joys of Couchdrop is the ability to have user tokens created who have different permissions to directories, or specific sub folders within parent directories.
For an example, you could have a Box account setup with your account with the default directory path as '/Box'. You could then give Michelle read only access to '/Box/Marketing', however Penny could get Read/Write access to '/Box/Sales'.
The above is one example of the combinations you can have. If you happen to have multiple directories in your endpoint that you as an admin want complete access you, you can add the same endpoint as many times as you need, all with different directory paths. i.e. You could link Dropbox to your account with the root directory of '/', then you could add Dropbox again with the directory path of '/Greg', '/Bonnie' and '/Marketing Team'. Now you could give Greg and Bonnie read/write access to their accounts and read only access to Marketing. However, you as an admin will have complete read/write access over all three buckets.
To get started:
Link your chosen bucket(s) at my.couchdrop.io/buckets
Then head to https://my.couchdrop.io/credentials to setup your users
As you can see above, we have created multiple users, all with different permissions and directory endpoints. This is one approach, another could have been for me to link only '/Dropbox' to the overall account, rather than specifying marketing and sales, then do the user configuration the same above.
When your users go to use SCP, Rsync or SFTP, they simply use the username in the username column and the password that defaults to or you can set a custom password like I have above. You also have the ability to tie a public key to the token to prevent the users having to use a password at all.