ftpGrid API documentation
Introduction
Welcome to the ftpGrid API documentation.
ftpGrid initially started as a managed FTP cloud storage platform, allowing customers to use FTP/FTPS/SFTP without the complexity of maintaining their own infrastructure. Visit ftpgrid.com to learn more.
Over time, ftpGrid evolved far beyond simple file transfer. Features such as automation rules for cleanup and retention, AWS S3 and Azure Blob Storage integrations, file/web hosting, and webhooks transformed ftpGrid into a complete file integration platform.
With the addition of the REST API, ftpGrid can now be fully integrated into your own systems, applications, and workflows.
The ftpGrid API is divided into two main areas:
The Management API allows you to manage and configure ftpGrid itself — for example creating FTP accounts, managing access, configuring automation, and handling integrations.
The Storage API provides direct REST-based access to your file storage. This allows you to manage files and directories without using traditional protocols such as FTP, FTPS, SFTP, or SCP.
Throughout this documentation we use HTTPie for examples and testing. The examples should be easy to translate into any programming language or HTTP client.
API domains and auth flow
When using the ftpGrid API you initially need to connect your REST API account to the Management API, where you can manage various parts of your ftpGrid account, like creating FTP accounts. Once your REST API account has authenticated against the Management API, the token can also be used for the Storage API.
Client flow
Auth:
-> Managament API AUTH (https://api.ftpgrid.com/apiaccess/auth)
<- Token
Management API
-> Token -> Management API list FTP accounts (https://api.ftpgrid.com/ftpaccounts/list)
Storage API
-> Token -> Storage API delete file (https://webN.ftpgrid.com/api/delete/)
Management API domain
The Management API is always located at
https://api.ftpgrid.com/
Storage API domain
The Storage API is your assigned ftpGrid storage server, which can be found on ftpGrid Dashboard → Settings
Example:
https://webN.ftpgrid.com/api/list/files
Tip: All required keys and domains are displayed when you create a REST API account
API Keys
To use the ftpGrid REST API you need the following credentials:
AssociationKeyAccessKeySecretKey
The AccessKey and SecretKey together form what we typically refer to as a REST API account.
REST API accounts can be created from:
The AssociationKey is tied to your ftpGrid account and can be found under:
Tip: All required keys and domains are displayed when you create a REST API account
Scopes
REST API accounts are scope-based.
Each account can be limited to only the operations it requires.
Currently supported scopes are:
| Scope | Description |
|---|---|
file.create | Upload/create files |
file.delete | Delete files |
file.read | Read/download files |
file.list | List files and directories |
ftpaccount.create | Create FTP accounts |
ftpaccount.delete | Delete FTP accounts |
ftpaccount.get | Retrieve FTP account details |
ftpaccount.list | List FTP accounts |
ftpaccount.update | Update FTP accounts |
We strongly recommend following the principle of least privilege and only granting the scopes your integration requires.
Expiration
REST API accounts can optionally have an expiration date.
After expiration:
- the account can no longer authenticate
- existing tokens become invalid
- all API access is denied
This is useful for:
- temporary integrations
- contractors or consultants
- testing environments
- rotating credentials
Bearer Tokens
Authentication is performed by exchanging your API credentials for a Bearer token.
Example HTTPie authentication request:
http POST https://api.ftpgrid.com/apiaccess/auth \
AssociationKey="f7bd3870-xxxxxx-xxxxx..." \
AccessKey="AK_xxxxxxxxxxxxxxxxx" \
SecretKey="sk_live_xxxxxxxxxxxxxxxxx"
Raw JSON Body
{
"AssociationKey": "f7bd3870-xxxxxx-xxxxx...",
"AccessKey": "AK_xxxxxxxxxxxxxxxxx",
"SecretKey": "sk_live_xxxxxxxxxxxxxxxxx"
}
Example response:
{
"token": "eyJhbGciOi..."
}
The returned token must be included in subsequent requests:
Authorization: Bearer YOUR_TOKEN
Token Lifetime
Bearer tokens are short-lived for security reasons.
When a token expires:
- simply authenticate again
- obtain a new token
- continue making requests
We recommend your integration automatically refreshes tokens when receiving HTTP 401 Unauthorized.
Example Requests (HTTPie)
Authentication
http POST https://api.ftpgrid.com/apiaccess/auth \
AssociationKey="f7bd3870-xxxxxx-xxxxx..." \
AccessKey="AK_xxxxxxxxxxxxxxxxx" \
SecretKey="sk_live_xxxxxxxxxxxxxxxxx"
Raw JSON Body
{
"AssociationKey": "f7bd3870-xxxxxx-xxxxx...",
"AccessKey": "AK_xxxxxxxxxxxxxxxxx",
"SecretKey": "sk_live_xxxxxxxxxxxxxxxxx"
}
Creating an FTP Account
http POST https://api.ftpgrid.com/ftpaccounts/create \
Authorization:"Bearer YOUR_TOKEN" \
Username="camera01" \
Password="StrongPassword123!" \
AccessRights="RW" \
Chroot="/uploads"
Raw JSON Body
{
"Username": "camera01",
"Password": "StrongPassword123!",
"AccessRights": "RW",
"Chroot": "/uploads"
}
Deleting an FTP Account
http DELETE https://api.ftpgrid.com/ftpaccounts/id/1234 \
Authorization:"Bearer YOUR_TOKEN"
Raw JSON Body
This endpoint does not use a request body.
About ftpGrid
Learn more about ftpGrid at ftpgrid.com.