Skip to main content

How can I generate the signed-upload payload on my server?



  • Joren Winge

    How can I do this same this process with Node js? I've been searching the documentation but i can't find it.

  • Nadav Ofir

    The same sign_request() method is available on the Node.js libraries as well.

  • john kealy

    Could someone just tell us how to do this over HTTP? I'm using a language not supported by cloudinary SDK's. There are no docs on this subject that I can find, googling ends up here and other SDK's.

  • Nadav Ofir

    Hi John,
    The idea is to set up an endpoint on your own servers where one of this SDKs is installed or calculations are imitated (if using different PL). Then you can have the signature rendered into the page or asked via AJAX from the client-side prior to uploading to Cloudinary.

  • Brian

    ffs... Thought this would take an hour to do but it took a day of tinkering.


    function signFileUploadRequest(request, response) {
    // get the api_secret (and keep it secret)
    var apiSecret = process.env.CLOUDINARY_SECRET;
    // grab a current timestamp
    var millisecondsToSeconds = 1000;
    var timestamp = Math.round( / millisecondsToSeconds);
    // generate the signature using the current timestmap and any other desired Cloudinary params
    var signature = Cloudinary.utils.api_sign_request({ timestamp: timestamp }, apiSecret);
    // craft a signature payload to send to the client (timestamp and signature required, api_key either sent here or stored on client)
    var payload = {
    signature: signature,
    timestamp: timestamp
    // send it back to the client

  • Brian

    ^ I really think that snippet should be included in the Node SDK Github README. It's kind of like the most basic necessary thing, shouldn't be hidden in support forums.

  • Roee Ben Ari

    Thank you for sharing this, Brian! I'll forward this snippet to our SDK team to review. We really appreciate your feedback.

  • Sven Neumann

    Ok, I have this payload object. How do I use this with the http endpoint now???

  • Infrastructure

    Just to further what Brian has done, this is what I ended up with.

    On the server side (configured with CLOUDINARY_URL env):

    const timestamp=Math.round( /1000);

    const payload= {
    apiUrl:Cloudinary.utils.api_url('upload', { resource_type:'auto' }),
    query:Cloudinary.utils.sign_request({ timestamp }),
    We send this payload back to the client, and on the client side we simply make an xhr POST to response.apiUrl with response.query as params, and the file sent in the body.
    This should really be documented somewhere. I see lots of documentation of how to do unsigned uploads, but very scattered info about how to do signed uploads
  • Ido

    Thanks for the adding the clarification!

     We will review this and see how it fits with our documentation.

  • mathieu

    How do you use the signature on the client side? My POST request fails with a 400 'upload_preset' is missing apparently. While I'm specifically trying to use a signed upload (ie no upload_presets)...

  • Raya Straus

    Hi Mathieu,

    You can perform a client-side signed upload but the signature generation should be done on server-side and include a signed upload preset. 



Please sign in to leave a comment.