Storage
Store files in buckets. Buckets and files use the same permission model as collections and documents.
Create a bucket & upload
curl
curl -X POST "https://base.finiteskills.com/v1/storage/buckets" -H "X-Appwrite-Project: <YOUR_PROJECT_ID>" \
-H "X-Appwrite-Key: <API_KEY>" -H "Content-Type: application/json" \
-d '{"bucketId":"media","name":"Media","permissions":["read(\"any\")","create(\"users\")"],
"maximumFileSize":30000000}'
# upload (multipart). fileId "unique()" auto-generates an id.
curl -X POST "https://base.finiteskills.com/v1/storage/buckets/media/files" \
-H "X-Appwrite-Project: <YOUR_PROJECT_ID>" -H "X-Appwrite-Key: <API_KEY>" \
-F "fileId=unique()" -F "file=@./photo.png"
Large files upload in 5 MB chunks with a Content-Range header and the same
fileId reused across requests — the official SDKs do this automatically.
Serve, transform & sign
Endpoints
GET /storage/buckets/media/files/{id}/view # inline
GET /storage/buckets/media/files/{id}/download # attachment
GET /storage/buckets/media/files/{id}/preview?width=400&height=300&quality=80&output=webp
POST /storage/buckets/media/files/{id}/signed-url { ttlSeconds } # time-limited public URL
When a CDN is configured for the deployment, files are mirrored to it and preview transforms
are served, cached, from the CDN; the file's metadata then includes a cdnUrl. Signed URLs need
no auth and expire after their TTL.