Settings
This article covers handling your Uploadcare account, it explains how to create, manage, and configure “Projects.”
To access an account, sign up for Uploadcare and navigate to your dashboard.
Projects
The Uploadcare experience is centered around the concept of a project. Projects are separate environments that can hold different sets of files and settings. For instance, you could use one project to receive user-generated content, another for implementing advanced security features, and a third one to serve your frontend assets.
When you sign up for a new Uploadcare account, we add one default project. So, explicitly adding another project is optional: you can stick with the default one for creating a test environment and going through every other section of this article.
API keys
Uploadcare APIs and API clients (e.g., File uploader) tell your projects from one another by their API keys.
We provide the two kinds of API keys: public and
secret. In this documentation, we refer to those as public_key
and secret_key
, respectively.
Depending on which Uploadcare features you want to use, you will implement
either your public_key
or a key pair.
Public API key
The main use of a public_key
is to identify a target project for your uploads.
It is required when using Upload API or its clients such
as the File uploader.
Secret API keys
A secret_key
is required when using our REST API to
manage files within a project or implement
Video processing,
Document conversion or
Object Recognition,
or when using Secure Uploading. You can add
multiple secret API keys to a single Uploadcare project to ensure extended
control options over your environments.
API logs
The API logs section allows reviewing the API request list associated with the project. You can view logs for 4 hours to 7 days and sort the received data depending on the necessary diagnostics and monitoring.
Project files
The Files section allows viewing the set of files associated with the project. You can add new files, search the set for entries, copy individual file URLs or UUIDs, and delete files from a project.
While the Files view allows you to implement basic files management, use our REST API for more sophisticated scenarios like integrating Uploadcare with your product’s API.
Project teams
The account owner can add collaborators to their projects.
Collaborators:
- Have full access to project files.
- Have access to the settings of this project (including secret keys).
- Can't invite new users to the project.
- Can't delete the project. Only the project owner can do that.
- Don't have access to the payment settings for that project.
If the invited user doesn't have an Uploadcare account, they will be redirected to the sign up page (they should use the same email address to which they were invited). The invitation link is valid for 24 hours.
Project settings
Under the Settings section, you can find more sophisticated options. Change those when setting up specific file flows; the deafults are perfectly fine for the majority of appliances.
Automatic file storing
By default, Upload API doesn't store the files forever. There is a 24-hour window when you should decide whether to store uploaded files or not. But all of our official libraries, including File uploader, inherit the auto-store setting from your project, where it's set to ON by default. You can read more about storage behavior here.
Secure uploading
You can further enhance the security of your file uploading by generating a special token on your backend and requiring our API to check token validity. This will allow you to implement access and control management in file uploading flows. This sections allows you to turn on the behavior. Note, when switched on, we will no longer accept any uploads to the project without a token. Please, refer to our Documentation to learn more.
Webhooks
Uploadcare REST API allows adding custom webhooks to notify your application about file uploads with the customized payload. Please, refer to API reference to learn more.
Custom Amazon S3 Bucket Storage
You can connect one or more Amazon S3 buckets to your project. Then files uploaded to the project can be copied to your bucket automatically or with the REST API. See custom storage workflow for more details.
Note that when using the S3 bucket, CDN Uploadcare features are only available via Proxy.
Configure backups
You can have all your stored files to be copied to a custom S3 bucket automatically. Connect the storage once, and the system will do backups on a timely basis.
Custom OAuth applications
With File uploader, end-users can upload files from various upload sources, such as Google Drive and Facebook. By default, Uploadcare requests access to these cloud services. This allows Uploadcare to see and download all files stored with this service.
With custom OAuth, you can set up your application icon, name, as well as Privacy Policy and Terms of Use.
Check out OAuth connection examples.
Widget version v3.17.0
(and later) allows you to revoke OAuth access to the content of connected accounts
(Dropbox, Facebook, etc.) using the
remoteTabSessionKey
parameter.
A two-part key is used to encrypt the OAuth token, consisting
of a secret and a end-user part. The secret part is stored with Uploadcare,
and the end-user part of keyis passed through remoteTabSessionKey
.
When a end-user enters the host application and logs in to one of the available accounts (Dropbox, Facebook, etc.), a new end-user part of the key should be generated.
When the end-user logs out of the host application, the host application should lose information about the end-user part of the key.
Since the end-user part of the key will be different for each session, the end-user will have to re-login to the account inside the host application. The end-user part of the key must not match the end-user's id, e-mail, or other repeatable information. It's recommended to use a 6-8 characters string to sign a end-user part of the key.
This feature is useful when several end-users have access to the same device.
Assume that the OAuth application is not configured with remoteTabSessionKey
.
In this case, it is possible that the end-user logs out of the application but remains
logged into the Uploadcare widget, i.e., another end-user of the hostapplication can log
into the previous user's open session on the same device.
Whitelist
Protect your account from bad actors willing to do optimisations on your behalf, and get a proxy endpoint for Adaptive Delivery.
Edit project
This section allows changing the name of your project or removing it from your account. Click three dots next to the project's name in the list of projects to see the editing options.
Billing options
You can go to your Uploadcare Billing Options from your Dashboard or by using this link. From there, you can:
- See your current plan, limits status, and details about the charges for the next billing period.
- Configure your payment options: manage added cards and see payments history.
- Configure profile information.