Data Types
  • Documentation
  • Data Types
  • More Resources

    • UploadJwt

    Upload supports authorization via JWTs for the uploading and downloading of files.

    To use JWTs in your requests select one of these methods:

    Pass your JWT via the Authorization-Token HTTP header, and your public API key via the Authorization HTTP header.

    Pass your JWT via an access-token-X cookie, where X is your account ID. (See beginAuthSession in the Upload JavaScript SDK.)

    Your JWT must be signed using a public/private key pair, where the public key certificate has been added to the Upload Dashboard.

    On the wire, JWTs are serialized as so:

    base64UrlEncode(headerJsonString).base64UrlEncode(payloadJsonString).signature

    This page describes the decoded JSON structure of the payload part of the JWT.

    Structure

    {
      "access": UploadJwtAccess,
      "exp": Integer,
      "iat": Integer,
      "sub": String
    }

    Example

    {
      "access": {
        "pathPermissions": [
          {
            "match": {
              "path": "/uploads/file.jpg",
              "scope": "Children"
            },
            "permissions": {
              "read": {
                "file": {
                  "downloadFile": [
                    "thumbnail"
                  ],
                  "getFileDetails": true
                },
                "folder": {
                  "getFolderDescription": true,
                  "getFolderPublicPermissions": true,
                  "getFolderStorageLayer": true,
                  "listFolderChildren": true
                }
              },
              "write": {
                "file": {
                  "createFile": true,
                  "deleteFile": true,
                  "overwriteFile": true
                },
                "folder": {
                  "createVirtualFolder": true,
                  "deleteVirtualFolder": true,
                  "setFolderDescription": true,
                  "setFolderPublicPermissions": true,
                  "setFolderStorageLayer": true
                }
              }
            }
          }
        ],
        "tagPermissions": {
          "write": [
            "*"
          ]
        }
      },
      "exp": 1615680311,
      "iat": 1615680311,
      "sub": "string"
    }

    Properties

    access

    The access permissions for the JWT.

    If the JWT is provided together with a public API key (see above), then the permissions from the API key are merged with the JWT's permissions, taking the JWT's permissions where overlaps occur.

    Type: UploadJwtAccess

    Required: No

    exp

    The time the JWT will expire in seconds since midnight 1 January 1970, UTC.

    Type: Integer

    Minimum: 0

    Example: 1615680311

    Required: Yes

    iat

    The time the JWT was issued in seconds since midnight 1 January 1970, UTC.

    Type: Integer

    Minimum: 0

    Example: 1615680311

    Required: Yes

    sub

    User ID from your application's database.

    Upload doesn't currently perform any logic based on this value.

    However, the value is required, and we recommend setting it to a real user ID for logging and auditing purposes.

    Type: String

    Required: Yes

    Was this section helpful? Yes No

    You are using an outdated browser.

    This website requires a modern web browser -- the latest versions of these browsers are supported:

    Chrome

    Download

    Firefox

    Download

    Opera

    Download

    Safari

    Download
    (macOS only)

    Internet Explorer

    Download
    (Windows only)

    Microsoft Edge

    Download
    (Windows only)