Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/nayalsaurav/ai360/llms.txt

Use this file to discover all available pages before exploring further.

The Upload Auth endpoint generates time-limited, cryptographically signed credentials that allow the browser to upload files directly to ImageKit without routing the binary through your Next.js server. It uses the getUploadAuthParams helper from @imagekit/next/server and returns the four values the ImageKit client SDK requires to perform an authenticated upload. Call this endpoint from the browser immediately before initiating an upload, then pass the returned values to the ImageKit upload SDK.

Request

GET /api/upload-auth
No request body, query parameters, or authentication headers are required from the client. The server uses IMAGEKIT_PRIVATE_KEY (server-side only) and NEXT_PUBLIC_IMAGEKIT_PUBLIC_KEY to sign the credentials.

Response

A successful request returns HTTP 200 with the following body:
token
string
A unique token string used to authenticate this specific upload request. Pass this to the ImageKit upload SDK as token.
expire
number
Unix timestamp (seconds) indicating when the token expires. The upload must be initiated before this time. Typically valid for a short window (e.g. 60 seconds from generation).
signature
string
An HMAC-SHA1 signature computed server-side using your IMAGEKIT_PRIVATE_KEY. Prevents forged upload requests. Pass this to the ImageKit upload SDK as signature.
publicKey
string
Your ImageKit public key, returned alongside the signed params so the client does not need to hard-code it separately.
{
  "token": "a5f2e1b8c3d7...",
  "expire": 1718000060,
  "signature": "3d9f2a1c8b4e...",
  "publicKey": "public_XXXXXXXXXXXX="
}

Error Responses

StatusBodyCause
500{ "error": "Failed to generate auth params" }getUploadAuthParams threw an error, most likely due to a missing or malformed private key.
The IMAGEKIT_PRIVATE_KEY is a server-side secret and must never be exposed to the browser. This endpoint exists specifically to keep that key on the server while still enabling client-side uploads.
Credentials returned by this endpoint are single-use and short-lived. Fetch fresh auth params immediately before every upload — do not cache or reuse them across multiple requests.

Environment Variables

VariableDescription
IMAGEKIT_PRIVATE_KEYYour ImageKit private API key. Never expose this client-side.
NEXT_PUBLIC_IMAGEKIT_PUBLIC_KEYYour ImageKit public API key. Returned to the client as publicKey.

Example

Request
curl https://your-domain.com/api/upload-auth
Response
{
  "token": "a5f2e1b8c3d74f9a2e6b1c8d5f3a7e2b",
  "expire": 1718000060,
  "signature": "3d9f2a1c8b4e5f7a6b2c1d8e4f3a9b7c",
  "publicKey": "public_XXXXXXXXXXXXXXXXXXXX="
}
Using the credentials with the ImageKit browser SDK
import ImageKit from "imagekit-javascript";

// 1. Fetch fresh auth params from your server
const authRes = await fetch("/api/upload-auth");
const { token, expire, signature, publicKey } = await authRes.json();

// 2. Initialise the ImageKit client
const ik = new ImageKit({
  publicKey,
  urlEndpoint: process.env.NEXT_PUBLIC_IMAGEKIT_URL_ENDPOINT,
  authenticationEndpoint: "/api/upload-auth", // or pass params directly
});

// 3. Upload a file
const result = await ik.upload({
  file: selectedFile,        // File object from an <input type="file">
  fileName: "my-image.png",
  token,
  signature,
  expire,
});

console.log("Uploaded URL:", result.url);

Build docs developers (and LLMs) love