API Secret Keys

As their name states, API Secret Keys should be kept secret and used for server-to-server communication to manage files in Filerobot. API Secret Keys should not be used for the Filerobot plugins: Uploader Widget, Image Editor and 360° Spin plugin. These should be used with API access keys created using Security templates.

Obtaining API Secret Keys

Authentication against the Filerobot API is done with an API Secret Key available under Developer / API Secret Keys.

Photo alt \#responsive

You can create additional API Secret Keys and define permissions for the key through the Create new key button.

Key permissions

Each API Secret Key has associated permissions:

Permission nameDescription
OBJECTS_LISTList files
OBJECTS_FETCHFetch/Access file
FILE_UPLOADUpload file
FILE_RENAMERename file
FILE_MOVEMove file
FILE_META_CHANGECreate file metadata
FILE_DELETEDelete file
DIR_CREATECreate directory
DIR_RENAMERename directory
DIR_MOVEMove directory
DIR_META_CHANGECreate directory metadata
DIR_DELETEDelete directory
CONFIG_CHANGEChange storage container configuration
CONFIG_LISTList storage container configuration

Making your first API call

The key is passed as part the X-Filerobot-Key HTTP header in every API request, for example:

Cupy-paste the cURL request in your Terminal or click on the API Explorer tab to see the API in action.

host: 'https://api.filerobot.com/fdocs' path: /v4/files method: GET parameters: {} variables: {} headers: X-Filerobot-Key: 19692813e7364ef8ad6a6504d50a12ca body: "" theme: clouds-midnight curlAPIKey: "" axiosTimeout: 35000 maxContentLength: 150000 render: curl_tab: true