Signed URLs
Introduction
If you don't want to make your files publicly accessible, you can use Access Rules to restrict access.
You can then use signed URLs to grant temporary access to those private files.
For example, you might use signed URLs to serve images in a private dashboard, or to allow a user to download a file they have purchased.
How it works
A signed delivery URL includes a valid signature which will grant access to a private file for a limited time.
A signed URL looks like this:
Once you have the signed URL, you can use it to make a GET
request to view the file. For example, you could use it as the src
for an <img>
tag, or fetch
it directly in your application.
Generate signatures
If you have access to a server-side environment, you can generate signatures yourself.
A JS/node backend example is given above. More language examples are coming soon but please contact us and we'd be happy to help you write something that fits into your stack.
Using signed URLs
Once you have the signed URL, you can use it to access the file.
For images, you can use the signedUrl
directly in an <img>
tag.
The response to a GET
request on a signed URL is the file itself, not a JSON object.
Downloading files
You can download a file by creating a link with the signedUrl
as the href
.
Common Pitfalls
The file will only be accessible for the duration of the signed URL.
Because signed URLs are only designed for short-term access, they include an expiry timestamp.
This means you should not generate signed URLs as part of a build process, because they may stop working before the next build is deployed.
TLDR; If you need signed URLs inside a JS framework site (Next.js, SvelteKit, etc) then you should use server actions to generate them at runtime.