Projects settings
On this page
The Uploadcare experience is centered around the concept of a project. Projects are separate environments with unique sets of API keys, dedicated storage, and settings.
For instance, you could use one project to receive user-generated content, another for implementing advanced security features, and a third one to serve your frontend assets. It's best to have both test and production environments, hence projects.
Note that your projects depend on your account billing limits. Hence, if a project is created by an account on the free plan, it will have the limits of the free plan, whether or not there is a paid plan team member. Other account settings can be found here.
API keys
We provide two kinds of API keys: public and secret. Depending on which Uploadcare features you want to use, you will implement either your public key or a key pair.
Public API key
The main use of a YOUR_PUBLIC_KEY
is to identify a target project for your
uploads. It is required when using Upload API or its
clients, such as the File uploader.
Secret API keys
A YOUR_SECRET_KEY
is required when using our REST API
to manage files within a project or when
signing uploads. You can add multiple
secret API keys to a single Uploadcare project to ensure extended control
options over your environments.
Storage
Configure your storage options in the Storage section.
Automatic file storing
By default, Upload API doesn't store the files forever. There is a 24-hour window when you should decide whether to store uploaded files or not. Note that all of our official libraries, including File uploader, inherit the auto-store setting from your project, where it's set to ON by default.
Custom Amazon S3 Bucket Storage
You can connect one or more Amazon S3 buckets to your project. Then files uploaded to the project can be copied to your bucket automatically or with the REST API.
Note that when using the S3 bucket, CDN Uploadcare features are only available via Proxy.
Configure backups
You can have all your stored files to be copied to a custom S3 bucket automatically. Connect the storage once, and the system will do backups on a timely basis.
Secure uploading
Configure your secure uploading options in the Security section.
Signed uploads
A feature to control who can upload files to an Uploadcare project within your account. Your backend generates a signature using a Secret Key and includes an expiration time parameter. A client is required to include a valid signature in an upload request. It works with Uploadcare File Uploader and Upload API.
Uploading whitelabeling
Configure your uploading whitelabeling options in the Whitelabeling section.
Custom OAuth applications
With File uploader, end-users can upload files from various upload sources, such as Google Drive and Facebook. By default, Uploadcare requests access to these cloud services. This allows Uploadcare to see and download all files stored with this service.
With custom OAuth, you can set up your application icon, name, as well as Privacy Policy and Terms of Use.
Check out OAuth connection examples.
Widget version
v3.17.0
(and later) allows you to revoke OAuth access to the content of connected
accounts (Dropbox, Facebook, etc.) using the
remoteTabSessionKey
parameter.
A two-part key is used to encrypt the OAuth token, consisting of a secret and
an end-user part. The secret part is stored with Uploadcare, and the end-user
part of the key is passed through remoteTabSessionKey
.
When an end-user enters the host application and logs in to one of the available accounts (Dropbox, Facebook, etc.), a new end-user part of the key should be generated.
When the end-user logs out of the host application, the host application should lose information about the end-user part of the key.
Since the end-user part of the key will be different for each session, the end-user will have to re-login to the account inside the host application. The end-user part of the key must not match the end-user's id, e-mail, or other repeatable information. It's recommended to use a 6-8 characters string to sign an end-user part of the key.
This feature is useful when several end-users have access to the same device.
Assume that the OAuth application is not configured with remoteTabSessionKey
.
In this case, it is possible that the end-user logs out of the application
but remains logged into the Uploadcare widget, i.e., another end-user of the
host application can log into the previous user's open session on the same
device.
Custom uploading CNAME
Use your own domain name for Upload API and source endpoints. E.g.,
upload.mydomain.com and social.mydomain.com instead of upload.uploadcare.com
and social.uploadcare.com
. Can be shared between several projects.
Secure delivery
Configure your secure delivery options in the Security section.
Search engine indexing
Restrict search engines to analyze and index content in your project for global search: image and text.
Signed URLs
This security feature lets you control who and for how long can access files in your project via signed URLs. In other words, it's a CDN URL with a signature generated on your backend (similar to signed uploads). This feature works in conjunction with a Custom CNAME.
Allowed domains
An option that allows uploading images from the domains you trust when using Proxy and Adaptive delivery. This can help you build a more secure and closed system for end users. Each project has its own Whitelist.
Delivery whitelabeling
Configure your delivery whitelabeling options in the Whitelabeling section.
Custom CDN CNAME
Use your own domain for CDN links to your files stored with Uploadcare.
By default, all file URLs use ucarecdn.com
domain. By setting a Custom CNAME,
the file URLs can use cdn.mycompany.com
instead.
Proxy endpoint
A Proxy Endpoint is a URL prefix that goes before the original link
to the file on your domain. For example
https://yoursite.ucr.io/https://yoursite.com/assets/image.jpg
.
This will deliver image.jpg file using Uploadcare CDN.
Webhooks
Uploadcare provides an option to automatically send notifications when a file is uploaded to a public URL of your choosing webhooks.
Configure your webhooks in the Webhooks page.
Each webhook payload can be signed with a secret to ensure that the request comes from the expected sender. The resulting signature is included in the request header, so you can use it to validate that the request comes from Uploadcare.
Team
The account owner can add collaborators to their projects. Collaborators:
- Have full access to project files.
- Have access to this project's settings (including secret keys).
- Can't invite new users to the project.
- Can't delete the project. Only the project owner can do that.
- Don't have access to the payment settings for that project.
If the invited user doesn't have an Uploadcare account, they will be redirected to the signup page (they should use the same email address to which they were invited). The invitation link is valid for 24 hours.
Configure your team in the Team section.