Getting started
Introduction
The ftpGrid Storage API allows you to perform CRUD actions directly against your storage, without using the FTP or SFTP protocols.
The API is designed for applications, integrations, automation workflows and server-to-server communication where direct HTTP access is preferable over traditional file transfer protocols.
In order to utilize the Storage API, you first need a REST API account. See the Management API section to learn how to create REST API access for your ftpGrid account.
Authentication
The Storage API uses Bearer tokens.
Before accessing the Storage API, you must first authenticate against the Management API and obtain a temporary JWT access token.
Example Authentication Request
http POST https://api.ftpgrid.com/apiaccess/auth \
AssociationKey="YOUR_ASSOCIATION_KEY" \
AccessKey="YOUR_ACCESS_KEY" \
SecretKey="YOUR_SECRET_KEY"
Raw JSON Body
{
"AssociationKey": "YOUR_ASSOCIATION_KEY",
"AccessKey": "YOUR_ACCESS_KEY",
"SecretKey": "YOUR_SECRET_KEY"
}
Example response:
{
"token": "eyJhbGc..."
}
The returned token must be included in all subsequent Storage API requests:
Authorization: Bearer YOUR_TOKEN
API Base URL
Storage API requests are made directly against your assigned ftpGrid storage server.
Example:
https://webN.ftpgrid.com/api/list/files
Available Endpoints
The current Storage API includes the following endpoints:
| Endpoint | Description |
|---|---|
/api/list/tree | Recursively list files and directories |
/api/list/dirs | List directories |
/api/list/files | List files |
/api/move | Move or rename files |
/api/mkdir | Create directories |
/api/upload | Upload files |
/api/download/prepare | Prepare multi-file download |
/api/download/multi | Download multiple files |
/api/download/single | Download a single file |
/api/delete | Delete files |
API Scopes
The Storage API uses scope-based access control.
An API user only has access to endpoints matching the assigned scopes.
Examples:
| Scope | Description |
|---|---|
file.list | Allows file and directory listing |
file.read | Allows file downloads |
file.create | Allows uploads and directory creation |
file.rename | Allows move and rename operations |
file.delete | Allows file deletion |
JSON Responses
All Storage API endpoints return JSON responses unless explicitly downloading files. Make sure to test the HTTP code - if none 200, a rslt object will returned.
Example:
{
"rslt": "OK"
}
Errors are also returned as JSON:
{
"rslt": "Access denied"
}
Path Handling
All paths in the Storage API are UNIX-style paths.
Examples:
/documents/report.pdf
/images/logo.png
Paths are automatically sanitized and normalized by the platform.
Uploads
Uploads are performed using multipart/form-data.
The upload endpoint supports:
- File uploads
- Directory creation
- Overwrite handling
- Multi-file uploads
- Upload metadata
See the individual upload endpoint documentation for examples.
Download Flow
Single-file downloads can be requested directly.
Multi-file downloads use a prepare-and-download workflow:
- Prepare download
- Receive temporary download reference
- Download generated archive
Rate Limits
The Storage API is subject to platform rate limits and quota restrictions.
This includes:
- Storage quotas
- Upload limits
- Bandwidth limits
- Request throttling
Security
All Storage API communication is encrypted using HTTPS.
JWT access tokens are short-lived and automatically expire after a limited period of time.
Never expose your AccessKey or SecretKey in frontend applications or public repositories.
Next Steps
Continue with the individual endpoint documentation for request and response examples.
About ftpGrid
Learn more about ftpGrid at ftpgrid.com.