Live. This area is documented as current, user-reliable behavior.

Goal

Serve private files without making them publicly cacheable.

Prerequisites

  • An uploaded private asset

Workflow

1. Upload the file with visibility private.
2. Store the returned asset ID in your database.
3. Generate a signed URL when an authorized user needs access.
4. Use maxDownloads for one-time downloads when appropriate.

Create a signed download URL

const signed = await stackshift.assets.signedUrl(asset.id, {
  expiresIn: '10m',
  maxDownloads: 1,
})

return signed.url

How signing protects the file

  • Private assets have no public URL — they are only reachable through a signed link your server mints.
  • expiresIn keeps links short-lived so a leaked URL stops working quickly.
  • maxDownloads caps how many times a single link can be used, which suits one-time downloads.
  • Responses come back with no-store cache headers so private files are not cached by intermediaries.

Where signing belongs

Always mint signed URLs on the server, where the API key lives, and hand only the resulting URL to the browser. Never expose the API key to the client just to generate a link.
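
A server-side gate in front of the signedUrl call, as an added example that is not StackShift's own code: it checks the requesting user against the stored record before minting a link. The files table, AccessError, mintDownloadUrl and fakeClient are hypothetical names; the only SDK call assumed is assets.signedUrl(id, options) as shown above.

```javascript
// Added example (not StackShift code): authorize first, then mint the link.
// Constructed sample rows standing in for your database table.
const files = new Map([
  ['file-1', { assetId: 'asset-aaa', ownerId: 'user-1', oneTime: true }],
  ['file-2', { assetId: 'asset-bbb', ownerId: 'user-2', oneTime: false }],
]);

class AccessError extends Error {
  constructor(status, message) {
    super(message);
    this.status = status;
  }
}

// client: server-side SDK instance holding the API key. Only the
// assets.signedUrl(id, options) call shown on this page is used.
// user: the authenticated session user, or null.
async function mintDownloadUrl(client, user, fileId) {
  if (!user) throw new AccessError(401, 'not authenticated');
  const record = files.get(fileId);
  // Same answer for "missing" and "not yours", so IDs cannot be probed.
  if (!record || record.ownerId !== user.id) {
    throw new AccessError(404, 'not found');
  }
  const options = { expiresIn: '10m' };
  if (record.oneTime) options.maxDownloads = 1;
  // The asset ID comes from the database row, never from the request.
  const signed = await client.assets.signedUrl(record.assetId, options);
  return signed.url; // the only value that leaves the server
}

// Constructed stand-in for the SDK so the example runs offline.
const calls = [];
const fakeClient = {
  assets: {
    async signedUrl(id, options) {
      calls.push({ id, options });
      return { url: `https://assets.example.invalid/${id}?sig=constructed` };
    },
  },
};

mintDownloadUrl(fakeClient, { id: 'user-1' }, 'file-1').then(console.log);
```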

Expected result

Private assets are only downloadable with valid signed URLs and are returned with no-store cache headers.
