Storage

Store files in buckets. Buckets and files use the same permission model as collections and documents.

Create a bucket & upload

curl
curl -X POST "https://base.finiteskills.com/v1/storage/buckets" -H "X-Appwrite-Project: <YOUR_PROJECT_ID>" \
  -H "X-Appwrite-Key: <API_KEY>" -H "Content-Type: application/json" \
  -d '{"bucketId":"media","name":"Media","permissions":["read(\"any\")","create(\"users\")"],
       "maximumFileSize":30000000}'

# upload (multipart). fileId "unique()" auto-generates an id.
curl -X POST "https://base.finiteskills.com/v1/storage/buckets/media/files" \
  -H "X-Appwrite-Project: <YOUR_PROJECT_ID>" -H "X-Appwrite-Key: <API_KEY>" \
  -F "fileId=unique()" -F "file=@./photo.png"

Large files upload in 5 MB chunks with a Content-Range header and the same fileId reused across requests — the official SDKs do this automatically.

Serve, transform & sign

Endpoints
GET  /storage/buckets/media/files/{id}/view      # inline
GET  /storage/buckets/media/files/{id}/download  # attachment
GET  /storage/buckets/media/files/{id}/preview?width=400&height=300&quality=80&output=webp
POST /storage/buckets/media/files/{id}/signed-url { ttlSeconds }  # time-limited public URL

When a CDN is configured for the deployment, files are mirrored to it and preview transforms are served, cached, from the CDN; the file's metadata then includes a cdnUrl. Signed URLs need no auth and expire after their TTL.