Data Types

UploadJwt

Upload supports authorization via JWTs for the uploading and downloading of files.

To use JWTs in your requests select one of these methods:

Pass your JWT via the Authorization-Token HTTP header, and your public API key via the Authorization HTTP header.

Pass your JWT via a access-token-<ACCOUNT ID> cookie. (The beginAuthSession method in the Upload JavaScript SDK does this for you.)

Your API's auth URL must return an RS256-signed JWT (e.g. eyJhbGci...). The JWT's public key certificate must be added to your account via the Upload Dashboard. This page describes the decoded payload part of the JWT.

Structure

{
"exp": Integer,
"iat": Integer,
"sub": String
}

Example

{
"access": {
"pathPermissions": [
{
"match": {
"path": "/users/user-xyz",
"scope": "Children"
},
"permissions": {
"read": {
"file": {
"downloadFile": [
"*"
],
"getFileDetails": true
},
"folder": {
"getFolderDescription": true,
"getFolderPublicPermissions": true,
"getFolderStorageLayer": true,
"listFolderChildren": true
}
},
"write": {
"file": {
"createFile": true,
"deleteFile": true,
"overwriteFile": true
},
"folder": {
"createVirtualFolder": true,
"deleteVirtualFolder": true,
"setFolderDescription": true,
"setFolderPublicPermissions": true,
"setFolderStorageLayer": true
}
}
}
}
],
"tagPermissions": {
"write": [
"*"
]
}
},
"exp": 1615680311,
"iat": 1615680311,
"sub": "string"
}

Properties

access

The access permissions for the JWT.

If the JWT is provided together with a public API key (see above), then the permissions from the API key are merged with the JWT's permissions, taking the JWT's permissions where overlaps occur.

Type: UploadJwtAccess

Required: No

exp

The time the JWT will expire in seconds since midnight 1 January 1970, UTC.

Example: 1615680311

Type: Integer

Minimum: 0

Required: Yes

iat

The time the JWT was issued in seconds since midnight 1 January 1970, UTC.

Example: 1615680311

Type: Integer

Minimum: 0

Required: Yes

sub

User ID from your application's database.

Upload doesn't currently perform any logic based on this value.

However, the value is required, and we recommend setting it to a real user ID for logging and auditing purposes.

Type: String

Required: Yes

Was this section helpful? Yes No

You are using an outdated browser.

This website requires a modern web browser -- the latest versions of these browsers are supported: