Writing Back to a File with the REST API

If the user edits an uploaded file in your application, you can overwrite the original file via a POST request to the url provided. Note that using the filepicker.export call is much preferred, as it gives the user more control and is more transparent.

Important:

Filestack has added an additional layer of security that will be required in order to perform an overwrite call. This change is detailed here. The WRITE REST API call now requires one of two possible methods for validating the request.

Security Documentation

Overwrite Examples

  1. The first option for formatting a write request is to include a valid filestack policy and signature with the write permission. Details on creating and using Filestack policies and signatures can be found in the Security section of the documentation.
  2. Policy and Signature (local file and url examples)

    Request:

    >>> curl -X POST -d @filename.txt --header "Content-Type:text/plain" 'https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO?policy=eyJleHBpcnkiOjE1ODgxMzkwNTJ9&signature=fd7a49bf17afdca114fdb878a8d71034a7cbb3a7c7b87193bea94cef38b1e421'

    Response:

    {"url": "https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO", "mimetype": "image/png", "isWriteable": true, "size": 7, "filename": "300x90.png"}
    			

    Request:

    >>> curl -X POST -d "url=https://d3urzlae3olibs.cloudfront.net/watermark.png"  https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO?policy=eyJleHBpcnkiOjE1ODgxMzkwNTJ9&signature=fd7a49bf17afdca114fdb878a8d71034a7cbb3a7c7b87193bea94cef38b1e421

    Response:

    {"url": "https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO", "mimetype": "image/png", "isWriteable": true, "size": 8331, "filename": "300x90.png"}
    			
  3. The second option for formatting a write request is to require validation through the passing of an additional secret key. This information can be passed in two different ways:
    1. The request includes a "user", which is the word "app", and a "password" which is the "App Secret" that can be found in the Security section of the developer portal under App Secret
    2. User and Password (local file and url examples)

      Request:

      >>> curl -u "app:B33TN7W7NVATXNPWIKB43KNVFI" -X POST -d @filename.txt --header "Content-Type:text/plain" 'https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO?key=l5uQ3k7FQ5GoYCHyTdZV'

      Response:

      {"url": "https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO", "mimetype": "image/png", "isWriteable": true, "size": 7, "filename": "300x90.png"}
      			

      Request:

      >>> curl -u "app:B33TN7W7NVATXNPWIKB43KNVFI" -X POST -d "url=https://d3urzlae3olibs.cloudfront.net/watermark.png"  'https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO?key=l5uQ3k7FQ5GoYCHyTdZV'

      Response:

      {"url": "https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO", "mimetype": "image/png", "isWriteable": true, "size": 8331, "filename": "300x90.png"}
      			
    3. The request is accompanied by a base64 string containing the "App Secret" that can be found in the Security section of the developer portal under App Secret. The header string to be base64 encoded should look like this: 'app:B33TN7W7NVATXNPWIKB43KNVFI'. If you encode this at https://www.base64encode.org/ for example, you should receive: 'YXBwOkIzM1RON1c3TlZBVFhOUFdJS0I0M0tOVkZJ'
    4. Basic Access Authentication (local file and url examples)

      Request:

      >>> curl -H "Authorization: Basic YXBwOkIzM1RON1c3TlZBVFhOUFdJS0I0M0tOVkZJ" -X POST -d @filename.txt --header "Content-Type:text/plain" 'https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO?key=l5uQ3k7FQ5GoYCHyTdZV'

      Response:

      {"url": "https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO", "mimetype": "image/png", "isWriteable": true, "size": 7, "filename": "300x90.png"}
      			

      Request:

      >>> curl -H "Authorization: Basic YXBwOkIzM1RON1c3TlZBVFhOUFdJS0I0M0tOVkZJ" -X POST -d "url=https://d3urzlae3olibs.cloudfront.net/watermark.png"  'https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO?key=l5uQ3k7FQ5GoYCHyTdZV'

      Response:

      {"url": "https://www.filestackapi.com/api/file/Bc2FQwXReueTsaeXB6rO", "mimetype": "image/png", "isWriteable": true, "size": 8331, "filename": "300x90.png"}
      			
options
https://www.filestackapi.com/api/file/FILESTACK_HANDLE?[options]
Base64 Decoding
Boolean
{base64decode=true}

Specify that you want the data to be first decoded from base64 before being written to the file. For example, if you have base64 encoded image data, you can use this flag to first decode the data before writing the image file.

Security
String
{policy=POLICY&signature=SIGNATURE}

You will need to have a valid Filestack policy and signature in order to perform the requested call. This allows you to select who can and cannot perform certain actions on your site. Read more about security and how to generate policies and signatures