Storage API
Endpoints
Section titled “Endpoints”| Method | Path | Purpose |
|---|---|---|
| POST | /storage/{app_id}/upload | Request a presigned upload URL |
| GET | /storage/{app_id}/objects | List all files for the app |
| GET | /storage/{app_id}/download/{object_id} | Request a presigned download URL |
| DELETE | /storage/{app_id}/{object_id} | Delete a file |
Upload
Section titled “Upload”POST /storage/{app_id}/uploadAuthorization: Bearer {token}
{ "filename": "profile.jpg", "contentType": "image/jpeg", "sizeBytes": 102400}Response:
{ "uploadUrl": "https://storage.example.com/...", "objectKey": "app_id/user_id/uuid_profile.jpg", "objectId": "uuid", "expiresIn": 300}Then upload the file:
await fetch(uploadUrl, { method: 'PUT', headers: { 'Content-Type': 'image/jpeg' }, body: fileBlob});Download
Section titled “Download”GET /storage/{app_id}/download/{object_id}Authorization: Bearer {token}Response:
{ "downloadUrl": "https://storage.example.com/...", "filename": "profile.jpg", "expiresIn": 3600}List files
Section titled “List files”GET /storage/{app_id}/objectsAuthorization: Bearer {token}Returns array of { id, filename, content_type, size_bytes, created_at }.
URL expiration
Section titled “URL expiration”| URL type | Expiration |
|---|---|
| Upload | 5 minutes |
| Download | 1 hour |
Storage limits
Section titled “Storage limits”| Limit | Default |
|---|---|
| Max file size | 10 MB |
| Total storage | 1 GB per app |
| Content types | All (configurable) |
Access control
Section titled “Access control”| Auth | Access |
|---|---|
| Service key | All files, no user association |
| End-user JWT | Own files only, auto-associated |