Skip to main content
File access is server mediated. Browser clients should never receive object store credentials. Common flows:
  • Create metadata with POST /api/v1/files.
  • Request upload URLs with POST /api/v1/files/upload-url.
  • Ingest documents with POST /api/v1/files/ingest-document.
  • Search text with POST /api/v1/files/search-text.
  • Download owner-scoped content with GET /api/v1/files/{fileId}/content.
  • Share files with PATCH /api/v1/files/share.
Use short-lived URLs and validate ownership on every content access route. Generated media outputs use: