Why am I getting "401 Unauthorized" when trying to manipulate an image using add-ons?

All Cloudinary's add-on packages are limited by certain quotas. In order to avoid abuse to your account, when requesting to generate a new transformation which involves addons the request URL must be signed.

For example (JPEGmini):
http://cloudinary.com/documentation/jpegmini_image_compression_addon#signed_urls

If all required transformations are known in advance, it's also possible to pre-generate it during upload, using eager transformations. This way those images will be accessible without signing the URLs.

For example (JPEGmini):
http://cloudinary.com/documentation/jpegmini_image_compression_addon#eager_transformations

 

Have more questions? Submit a request

Comments

  • Avatar
    Jesse Hemingway

    We love the ad-hoc transformation system, as we have a growing set of clients all using more image sizes than we can predicate in advance, despite the fact they will largely use the same effects, etc.

    Is it fair to say that there is no good way to both leverage the awesome, ad-hoc sizing and also take advantage of pre-decided, but definitely add-on effects, without providing signature every time?

    Our own (untrusted) clients must make a round trip to our own server for every signature, so it feels a little impractical to do this every time we need a new image size. However, could you point me to a reference on how long a client might safely cache and re-use a signature to reduce this overhead, and thus take advantage of advanced add-ons (and also avoid abuse)?

  • Avatar
    Nadav Ofir

    Hi Jesse,
    Actually this kind of signature never expires. Furthermore, it's only necessary for the first processing of every new derived image.
    As mention above, this is a safety mean to protect your quotas. any option to bypass it with a client-side code will compromise your limits (those are hard-limits) and therefore your Production.
    Feel free to contact our support if Ajax calls for the signature are too "expensive" for your use-case, and we'll try to find another solution.

Powered by Zendesk