API Access Keys

API Access Keys are temporary keys with configurable permissions and restrictions to be used in frontend browser interactions with the Filerobot store.

API Access Keys are generated by calling:

/key

API Permissions

CONFIG_CHANGE

Request Body (example)

{
    "data": {
        "upload": {
            "limit_per_min": 5, 
            "max": 6,
            "limit_per_source_ip": 12,
            "dir_scope": [
                "/hello",
                "/test/*"
            ],
            "max_file_size": 1048576
        },
        "restrictions" : {
            "whitelist_ip_ranges": [
                "80.12.95.227"
            ],
            "whitelist_countries": [
                "FR"
            ]
        },
        "key_validity": {
            "expire_duration": 600
        },
        "listing": {
            "dir_scope": [
                "/hello"
            ],
            "max": 3
        },
        "permissions": [
            "FILE_UPLOAD"
        ]
    }
}

All parameters are optional.

upload

upload sets limits on the /upload API

Parameter	Description	Default
limit_per_min	maximum number of uploads per minute with the key	unlimited
max	maximum number of uploads allowed with the key	unlimited
limit_per_ip_source	Maximum number of uploads allowed by IP by the key	unlimited
dir_scope	Directories where the key is allowed to upload. If you want to allow all subdirectories of /folder, set the value to /folder/*	all directories
max_file_size	Maximum upload size in bytes	500 MB

restrictions

restrictions restricts API calls based on IP address ranges and | or countries

Parameter	Description	Default
whitelist_ip_ranges	Allowed IP ranges for using the key from	0.0.0.0 format accepted: 8.8.8.8, 255.240.0.0/12, ...
whitelist_countries	Allowed countries for using the key from. Provide the code ISO of the country	all countries The IP are converted to country thanks to GeoLite2

key_validity

key_validity allows to set validity period of key, for example to match the user's session length in your authenticated application

Parameter	Description	Default
expiration_duration	time in second before the key expires	1200 s (20 minutes)

listing

listing sets limit on all the API except /upload

Parameter	Description	Default
dir_scope	directories from where it's allowed to list file. If you want to allow all subdirectories of /folder you need to set the value to /folder/*	/* (all directories)
max	maximum of call to the API	Unlimited

permissions

permissions permissions on file operations (list, search, ...) granted to the key.

Permission name	Description
OBJECTS_LIST	List files
OBJECTS_FETCH	Fetch/Access file
FILE_UPLOAD	Upload file
FILE_RENAME	Rename file
FILE_MOVE	Move file
FILE_META_CHANGE	Create file metadata
FILE_DELETE	Delete file
DIR_CREATE	Create directory
DIR_RENAME	Rename directory
DIR_MOV	Move directory
DIR_META_CHANGE	Create directory metadata
DIR_DELETE	Delete directory
CONFIG_CHANGE	Change storage container configuration
CONFIG_LIST	List storage container configuration

Try it out

Request

Copy-paste the cURL request in your Terminal or click on the API Explorer tab to see the API in action.

host: 'https://api.filerobot.com' path: /fusqadtm/key method: POST parameters: {} variables: {} headers: Content-Type: 'application/json; charset=utf-8' X-Filerobot-Key: 19692813e7364ef8ad6a6504d50a12ca body: | { "data": { "permissions": [ "FILE_UPLOAD", "OBJECTS_LIST", "OBJECTS_FETCH" ] } } theme: clouds-midnight curlAPIKey: "" axiosTimeout: 35000 maxContentLength: 150000 render: curl_tab: true

Response

{
    "status": "success",
    "key": "SASS__v1.05__QOxoDcJ8WauUmcvR3cylWYukGch5Sb0RWYxNXdmthOklAMwITM6U2ZhlgNzQzM2ETN2UTM6Q3c__8bad25726d",
    "hint": "New key created and ready to use",
    "debug": null
}

API Secret Keys

File APIs

Was this page helpful?