Skip to main content

Upload (POST)

Use the POST method to upload files.

Content type to upload files must be "multipart/form-data".

The FormData interface should be used to upload files and text fields.

Other considerations when uploading files:

  • Files must be sent with the fieldname file.
  • You can upload up to 10 files in a single request.
  • Each file can have up to 100 MB.
  • Text fields are stored under metadata.

uniqueId - For each file uploaded we generate an uniqueId to identify the record stored in the database. This id can be used for the other request types.


fileUpload(file) {
const formData = new FormData();
formData.append("file", file);
formData.append("text", "additional info");
const config = {
headers: {
"Content-Type": "multipart/form-data"
return, formData, config);

Please remember that you are responsible for the data and files stored in your endpoints. RESTED_DEV's only objective is to provide a service to its users to make their life easier, we don't have interest in the data and we don't monitor it.

Request data

HTTP method: POST

URL format: https://baseUrl/versionNumber/customEndpointRoute/userEndpoint?key=apiKey[&dataOnly=true]


Request Parameters

The following table describes the Request parameters.

baseUrlBase url for calling the API.


versionNumberService version.

Value: The current value is 1.

customEndpointRouteThe route which identifies custom endpoints.

Default value: ce

userEndpointThe endpoint name generated by the user.

Value: the name created at

keyThe API Key of the project.Yes
dataOnlyIf used, the endpoint response will only include the data associated with the file, without additional information such as ‘uniqueId’.

Value: true

masterKeyOverrides the need for Access tokens or restrictions applied to Authentication endpoints.

Don't use this key in your client application.

For more information please refer to projects.

Value: the masterKey created at


Request Cookies


The Access token is required for secure endpoints.

It is obtained when doing a login and it is stored in an httpOnly cookie. To automatically include it in the request you need to set the following property:

// using fetch { credentials: 'include' } // using axios { withCredentials: true }

Alternatively you can also use the Authorization header.

For more information please refer to  the login documentation and Secure Endpoints documentation.
Yes - if endpoint is secure and Authorization header is not used

Request Headers

Content-TypeSpecifies the MIME type of the body of the Request. It must be multipart/form-data.Yes

The Access token is required for secure endpoints.

You should use this header if you are not using the httpOnly cookie to access a Secure endpoint.

For more information please refer to  the login documentation and Secure Endpoints documentation.

Yes - if endpoint is secure and httpOnly cookie is not used

POST body

You can include an array of files (up to 10), and text fields. For files, they must be sent using the fieldname file.

Response data

Error codes

Error codeDescription
400Possible reasons:
  • Endpoint or API Key not valid.
  • Wrong Content-Type.
  • No files sent.
  • Problems uploading the file.
401If the endpoint is secured and the access token is missing or is not valid.

It may also return this error if the user no longer exists.

403Missing API Key, not allowed origin or disallowed request without orign.

Successful response

"data": {
"metadata": {
"prop": "test"
"contentType": "video/mp4",
"mimetype": "video/mp4",
"size": 20163178,
"originalname": "internetEvolve.mp4",
"fileURL": "https://localhost:8443/api/1/ce/files/files%3E%3E%3EinternetEvolve.mp4?key=4c1224a62bd74174be63f0026354b98a&uniqueId=2d61418864814dc2aa00eedba876c677&fileOnly=true"
"uniqueId": "2d61418864814dc2aa00eedba876c677",
"updatedAt": "2021-03-08T20:24:01.000Z",
"createdAt": "2021-03-08T20:24:01.000Z"