Limit filetypes by access key

Would it be possible to have the ability to filter the types of files that an api key is allowed to upload? When we generate a key, can we have a list of types that are allowed?

Hi @Simon_Yeldon, at the moment, it’s possible to validate file type on the client using the JS API of the widget. Is there any specific reason for you to have this ability on the project settings level?

Thanks for your response Alex.

We are looking for a bit more security around the uploads to prevent file types we don’t want uploaded from making their way onto your servers. Should an API key be compromised, or the validators bypassed on the clients browser.

We’ve added an option to validate file types on the backend. This option doesn’t have a dashboard UI yet. Contact us at help@uploadcare.com if you need to configure your project to accept only files of specific types.

1 Like

Hey @Simon_Yeldon, the backend type validation is now fully available on the Business plan+. See https://uploadcare.com/docs/start/settings/#file-types for more details.