Data Types

BytescaleJwt

Bytescale supports authorization via JWTs for the uploading and downloading of files.

To use JWTs in your requests:

With an SDK: Use the AuthManager.beginAuthSession method to authenticate all requests made via the Bytescale JavaScript SDK with JWTs issued by your application and to establish a JWT session cookie with the Bytescale CDN.

Without an SDK: Pass your JWT via the Authorization-Token HTTP header, and your public API key via the Authorization HTTP header with a "Bearer " prefix.

To learn more, please see: https://www.bytescale.com/docs/authorization#jwt-cookie

{
"exp": Integer,
"iat": Integer,
"sub": String
}
{
"access": {
"pathPermissions": [
{
"match": {
"path": "/users/user-xyz",
"scope": "Children"
},
"permissions": {
"read": {
"file": {
"downloadFile": [
"*"
],
"getFileDetails": true
},
"folder": {
"getFolderDescription": true,
"getFolderPublicPermissions": true,
"getFolderStorageLayer": true,
"listFolderChildren": true
}
},
"write": {
"file": {
"createFile": true,
"deleteFile": true,
"overwriteFile": true
},
"folder": {
"createVirtualFolder": true,
"deleteVirtualFolder": true,
"setFolderDescription": true,
"setFolderPublicPermissions": true,
"setFolderStorageLayer": true
}
}
}
}
],
"tagPermissions": {
"write": [
"*"
]
}
},
"exp": 1615680311,
"iat": 1615680311,
"sub": "string"
}

The access permissions for the JWT.

If the JWT is provided together with a public API key (see above), then the permissions from the API key are merged with the JWT's permissions, taking the JWT's permissions where overlaps occur.

Type: BytescaleJwtAccess

Required: No

The time the JWT will expire in seconds since midnight 1 January 1970, UTC.

Example: 1615680311

Type: Integer

Minimum: 0

Required: Yes

The time the JWT was issued in seconds since midnight 1 January 1970, UTC.

Example: 1615680311

Type: Integer

Minimum: 0

Required: Yes

User ID from your application's database.

Bytescale doesn't currently perform any logic based on this value.

However, the value is required, and we recommend setting it to a real user ID for logging and auditing purposes.

Type: String

Required: Yes

Was this section helpful? Yes No

You are using an outdated browser.

This website requires a modern web browser -- the latest versions of these browsers are supported: