POST/desk/api/v2/files/ref.json
POST_v2_files_ref.json
Uploading files to Desk is a 3-step process
First, you need to create an authorization using /v2/files/ref.json It expects a full disclosure of what's intended to be uploaded
Request:
{
"type": "attachment",
"filename": "the_file_name.jpeg",
"mimeType": "image/jpeg",
"disposition": "attachment"
}
We will return an URL and a list of parameters that need to be sent along with the file
Response:
{
"url": "http://url/",
"params": {
"Content-Type": "image/jpeg",
"bucket": "A_NAME",
"key": "A_VALUE_FOR_LATER",
"policy": "A_LONG_STRING",
"success_action_status": "201",
"x-amz-algorithm": "AWS4-HMAC-SHA256",
"x-amz-credential": "A_VALUE",
"x-amz-date": "ANOTHER_VALUE",
"x-amz-signature": "ANOTHER_LONG_STRING"
},
"file": {
"id": FILE_ID,
"mimeType": "image/jpeg",
"fileName": "the_file_name.jpeg",
"size": 0,
"disposition": "attachment",
"type": "attachment",
"createdAt": "2019-03-14T11:53:38.103518Z",
"updatedAt": "2019-03-14T11:53:38.103518Z",
"createdBy": {
"id": 1,
"type": "users"
},
"updatedBy": {
"id": 1,
"type": "users"
},
"state": "temp"
}
}
Any tampering will cause the upload request to fail
Uploading the file with curl
curl -X POST \
http://url/ \
-H ': ' \
-H 'cache-control: no-cache' \
-F Content-Type=image/jpeg \
-F key=A_VALUE_FOR_LATER \
-F policy=A_LONG_STRING \
-F success_action_status=201 \
-F x-amz-algorithm=AWS4-HMAC-SHA256 \
-F x-amz-credential=A_VALUE \
-F x-amz-date=ANOTHER_VALUE \
-F x-amz-signature=ANOTHER_LONG_STRING \
-F file=@YOUR_FILE_PATH \
-F bucket=A_NAME
Response:
<?xml version="1.0" encoding="UTF-8"?>
<PostResponse>
<Bucket>A_NAME</Bucket>
<Key>A_VALUE_FOR_LATER</Key>
<ETag>SOME_STRING</ETag>
<Location>/A_NAME/A_VALUE_FOR_LATER</Location>
</PostResponse>
Finally, you need to tell desk that the file has been uploaded
PATCH /v2/files/{FILE_ID}.json
Response:
{
"file": {
"id": FILE_ID,
"mimeType": "image/jpeg",
"fileName": "the_file_name.jpeg",
"size": 14358,
"disposition": "attachment",
"type": "attachment",
"URL": "",
"createdAt": "2019-03-12T13:40:25.135843Z",
"updatedAt": "2019-03-12T13:40:25.135843Z",
"createdBy": {
"id": 1,
"type": "users"
},
"updatedBy": {
"id": 1,
"type": "users"
},
"state": "active"
}
}
Body Params
FileAPIBody handles the get/create/update request/response for file.
- Name
file- Type
- object
- Description
- File represents a File.
- Name
included- Type
- object
- Description
- Included allows adding referenced objects on the API response. The included keys should map to the `types` in the Relationship slices/objects.
Responses
- Code
- 201
- Type
- object
- Schema
- Description
- 201 Created
- Code
- 400
- Type
- object
- Schema
- Description
- 400 Bad Request
Validator hold the validation errors. Typically you shouldn't create this directly but use the New() function.
201 Created
fileRefResponse
{
"file": {
"createdAt": "2025-10-16T11:13:44.615Z",
"createdBy": {
"delete": true,
"id": 0,
"meta": {
"additionalProp": "Unknown Type: any"
},
"type": 0
},
"customer": {
"delete": true,
"id": 0,
"meta": {
"additionalProp": "Unknown Type: any"
},
"type": 0
},
"deletedAt": "2025-10-16T11:13:44.615Z",
"deletedBy": {
"delete": true,
"id": 0,
"meta": {
"additionalProp": "Unknown Type: any"
},
"type": 0
},
"disposition": "string",
"downloadURL": "string",
"filename": "string",
"filter_args": {
"aggregate": {
"Distinct": true,
"Field": "string",
"Operation": "string"
},
"bulkDryExecute": true,
"fields": [
"string"
],
"filter": [
"string"
],
"id": 0,
"ids": [
0
],
"includes": [
"string"
],
"orderBy": "string",
"orderMode": "asc",
"page": 0,
"pageOffset": 0,
"pageSize": 0,
"skipAggregation": true
},
"id": 0,
"mimeType": "string",
"pixelHeight": 0,
"pixelWidth": 0,
"proxyKey": "string",
"s3Path": "string",
"size": 0,
"state": "string",
"type": {
"ContentTypes": [
"string"
],
"MaxSize": 0,
"Name": "string"
},
"updatedAt": "2025-10-16T11:13:44.615Z",
"updatedBy": {
"delete": true,
"id": 0,
"meta": {
"additionalProp": "Unknown Type: any"
},
"type": 0
}
},
"params": {
"additionalProp": "string"
},
"url": "string"
}