The full API documentation is availabe under developers.scaleflex.com.
Manage API keys for headless applications
API keys allow to call the Filerobot file management API and are suited for backend or headless application where no user context is needed and where the key is not exposed to the browser
Authentication against the Filerobot API is done with an API Secret Key available under Settings > Developers > API keys.
Enter the API key description so it can be easily identified
Select the permissions to be attached with the API key (multi selection from the permissions list) -- these defines what the user will be able to do with the assets
Existing API keys can be managed individually or in bulk for status (Active <> Deactivate). The following settings can be edited:
New API keys can be created with the button. On click, user will be requested to
API Permission | Description |
---|---|
Setting | Description |
---|---|
OBJECTS_LIST
List files
OBJECTS_FETCH
Fetch file
FILE_UPLOAD
Upload file
FILE_META_CREATE
Create file metadata
FILE_RENAME
Rename file
FILE_MOVE
Move file
FILE_DELETE
Delete file
FILE_SET_VISIBILITY
Set file visibility
DIR_CREATE
Create directory
DIR_RENAME
Rename directory
DIR_META_CHANGE
Create directory metadata
DIR_MOVE
Move directory
DIR_DELETE
Delete directory
DIR_SET_VISIBILITY
Set dir visibility
CONFIG_CHANGE
Change container configuration
CONFIG_LIST
List container configuration
FILE_PRODUCT_CHANGE
Change product information
FILE_PROCESS_AUTOTAGGING
Perform autotaggin
OBJECTS_SHARE_MANAGE
Manage shares
OBJECTS_AIRBOX_MANAGE
Manage airbox
OBJECTS_APPROVAL_MANAGE
Manage approval
OBJECTS_APPROVAL_VOTE
Manage approval voting
Description
To identify the API keys
Secret key
To be kept secret
Created at
The API key creation date
Active
The API key status that can be toggled from active to deactivated using the ... options
-- If used, deactivated API keys will return an error
Copy
Copy the secret key in the notepad for easy integration
Post processing, Webhooks & integrations
Automations allow applying automated actions (background removal, AI-tagging, detecting brand logos, etc.) to uploaded assets during or after the upload process, or sending the uploaded asset's metadata to an external API endpoint.
The Automation settings are accessible from Settings > Development > Automations
Post-processing includes the application of various algorithms to an asset on upload - e.g. detect if it's not safe for work, count faces in an image, remove image background and many others.
To add a post process, User can click on the Add post process button and select a post process from the list (See below)
Post processes marked with * require ASK Filerobot credits.
Refer to Upload post processes for a list of available post processes.
Once a post process is selected, user is requested to set the following parameters:
Webhooks allow to call a 3rd party web service upon specific triggers and send all asset data in the JSON body.
Defines when the Webhook will be triggered
Defines which data is sent to the webhook
Parameter | Description |
---|---|
Webhook parameter | Description |
---|---|
Assets trigger | Metadata trigger |
---|---|
File | Video | Image |
---|---|---|
Mode
Sets if the post processing is sync or async
Run on every upload
When enabled, post process will apply to every upload
Trigger rules
Defines conditions under which the post processing will be triggered. If "no trigger rules" is selected, the post processing will trigger with every upload
Webhook url
Target webhook url to POST event to
Hostname
The domain address of the 3d party to post data to
Path
The domain path to post data to
Basic Authentication
Requires a Username and a password
oAuth2 Authentication
Requires an authentication endpoint (with https://), a username and a password
On upload
On change meta
On move
On change info
On rename
On change tag
On delete
On change label
Name
Width
Width
Size
Height
Height
Path
Length
(in seconds)
MIME type
Bitrate
CDN link
HLS/DASH playlist URL
File UUID
The CDN invalidation page allows users to invalidate images from the CDN and Filerobot resizing servers.
The CDN invalidation is accessible from Settings > Development > CDN invalidation
Invalidation allows to flush the CDN cache to refresh the assets with their latest version without changing the URL. By default, Filerobot invalidates older version when a new version is created in the Asset Hub. Hence manual invalidation is mostly needed for externally hosted assets.
This option on the Add invalidation form enables the user to request the invalidation of all assets or a subset of assets by asset path using the 'original' option.
Past invalidation details
Past invalidation requests can be viewed along with their status and details (follow the links to view the inventory of invalidated assets).
Security templates are used to generate API access keys (temporary keys with configurable permissions & restrictions)
The Security Templates are accessible from Settings > Development > Security templates
Security Templates can be created with the Add Template button by entering the following informations
Used to identify the security template
Used to defines what users can / can't do with the assets. Permissions are selected from the list:
These settings set limits on the Upload API.
It restricts API calls based on IP address ranges and/or countries.
This setting allows to set validity period of key, for example to match the user's session length in your authenticated application
Directories where the key is allowed to list elements. If you want to allow all subdirectories of /folder, set the value to /folder/*
Existing API keys can be managed individually or in bulk for status (Active <> Deactivate):
API Permission | Description |
---|---|
Setting | Description | Default |
---|---|---|
Setting | Description | Default |
---|---|---|
Setting | Description | Default |
---|---|---|
Setting | Description | Default |
---|---|---|
User level | Description |
---|---|
OBJECTS_LIST
List files
OBJECTS_FETCH
Fetch file
FILE_UPLOAD
Upload file
FILE_META_CREATE
Create file metadata
FILE_RENAME
Rename file
FILE_MOVE
Move file
FILE_DELETE
Delete file
FILE_SET_VISIBILITY
Set file visibility
DIR_CREATE
Create directory
DIR_RENAME
Rename directory
DIR_META_CHANGE
Create directory metadata
DIR_MOVE
Move directory
DIR_DELETE
Delete directory
DIR_SET_VISIBILITY
Set dir visibility
CONFIG_CHANGE
Change container configuration
CONFIG_LIST
List container configuration
FILE_PRODUCT_CHANGE
Change product information
FILE_PROCESS_AUTOTAGGING
Perform autotaggin
OBJECTS_SHARE_MANAGE
Manage shares
OBJECTS_AIRBOX_MANAGE
Manage airbox
OBJECTS_APPROVAL_MANAGE
Manage approval
OBJECTS_APPROVAL_VOTE
Manage approval voting
Limit per min
(limit_per_min
)
Set the maximum of upload per minute with the key
Unlimited
Limit per source IP
(limit_per_source_ip
)
Maximum number of uploads allowed by IP by the key
Unlimited
Directory scope
(dir_scope
)
Directories where the key is allowed to upload. If you want to allow all subdirectories of /folder, set the value to /folder/*
All directories
whitelist_ip_ranges
Allowed IP ranges for using the key from
0.0.0.0 format accepted: 8.8.8.8, 255.240.0.0/12, ...
whitelist_countries
Allowed countries for using the key from. Provide the code ISO of the country
all countries
The IP are converted to country thanks to GeoLite2
expiration_duration
time in second before the key expires
1200 s (20 minutes)
directory_scope
Directories where the key is allowed to list and search assets. If you want to allow all subdirectories of /folder, set the value to /folder/*
All directories
Description
To identify the Security template
Secret key
To be kept secret
Created at
The API key creation date
Scope
Used to limit the scope
Active
The Security template status that can be toggled from active to deactivated using the ...
options
Copy
Copy the secret key in the notepad for easy reuse