API Access Keys and Security Templates
API Access Keys are temporary keys with configurable permissions and restrictions to be used in frontend browser interactions with the Filerobot store. Their intended purpose is authenticating Filerobot widgets and plugins.
API Access Keys are generated using Security Templates.
1. Creating a Security Template
Access key templates are accessible from the Settings / Developer / Security Template modal:
You can create a template that can be used on browser side.
The IDENTIFIER will be used to get the key.
By default, the identifier cannot be called more than 5 times per minute by IP.
API permissions
| Permission | Description |
|---|---|
| OBJECTS_LIST | List files |
| OBJECTS_FETCH | Fetch file |
| FILE_UPLOAD | Upload file |
| FILE_META_CREATE | Create file metadata |
| FILE_RENAME | Rename file |
| FILE_MOVE | Move file |
| FILE_DELETE | Delete file |
| FILE_SET_VISIBILITY | Set file visibility |
| DIR_CREATE | Create directory |
| DIR_RENAME | Rename directory |
| DIR_META_CHANGE | Create directory metadata |
| DIR_MOVE | Move directory |
| DIR_DELETE | Delete directory |
| DIR_SET_VISIBILITY | Set dir visibility |
| CONFIG_CHANGE | Change container configuration |
| CONFIG_LIST | List container configuration |
| FILE_PRODUCT_CHANGE | Change product information |
| FILE_PROCESS_AUTOTAGGING | Perform autotaggin |
| OBJECTS_SHARE_MANAGE | Manage shares |
| OBJECTS_AIRBOX_MANAGE | Manage airbox |
| OBJECTS_APPROVAL_MANAGE | Manage approval |
| OBJECTS_APPROVAL_VOTE | Manage approval voting |
Upload limits
These settings set limits on the Upload API.
| Parameter | Description | Default |
|---|---|---|
| limit_per_min | maximum number of uploads per minute with the key | unlimited |
| limit_per_ip_source | Maximum number of uploads allowed by IP by the key | unlimited |
| dir_scope | Directories where the key is allowed to upload. If you want to allow all subdirectories of /folder, set the value to /folder/* | all directories |
Restrict IP limitation
It restricts API calls based on IP address ranges and/or countries.
| Parameter | Description | Default |
|---|---|---|
| whitelist_ip_ranges | Allowed IP ranges for using the key from | 0.0.0.0 format accepted: 8.8.8.8, 255.240.0.0/12, ... |
| whitelist_countries | Allowed countries for using the key from. Provide the code ISO of the country | all countries The IP are converted to country thanks to GeoLite2 |
Key validity
This setting allows to set validity period of key, for example to match the user's session length in your authenticated application
| Parameter | Description | Default |
|---|---|---|
| expiration_duration | time in second before the key expires | 1200 s (20 minutes) |
Listing limits
Sets limit on all API methods except Upload.
| Parameter | Description | Default |
|---|---|---|
| dir_scope | directories from where it's allowed to list file. If you want to allow all subdirectories of /folder you need to set the value to /folder/* | /* (all directories) |
2. Requesting an Access Key
In order to instantiate the Filerobot Uploader widget or Filerobot Image Editor widget, you will for most use cases need to specify the filerobotUploadKey parameter for the widgets to interact with your Filerobot asset storage. When the page embedding the widget is loaded, make an API call in order to request an Access Key based on the Security Template previously created.
API Access Keys are generated by calling:
Response
{
"status": "success",
"key": "SASS__v1.05__QM6AXCCNkN2kjR4YDOEBTNzMkQ5IEN2QjM4MUMFBDN3gjNyMzXVNURTpzYlNXCvlmLlJ3b0NncpFmLpBXYu0GdkFWczVnZboDZJoyLlRXYsBXblR3Lj9GZvshOylGZslAMwITM6U2ZhlwG6M2dJshOwl2dJshOylGZ1lAOyATM5ATOxYTM6Q3c__ca972e3142",
"hint": "New key created and ready to use",
"debug": null
}You can use the returned key as the filerobotUploadKey parameter in the Filerobot widget or plugin configuration.