B2 Storage

Overview

S3 Compatible API

Application Keys

Buckets

Files

File Versions

CORS Rules

Lifecycle Rules

Server-Side Encryption

Object Lock

Large Files

Calling the API

API Versions

String Encoding

Uploading

Downloading

Integration Checklist

Cloud Replication

Cloudflare Workers

Mobile Bucket Management

 

Quick Start

Get An Account

Python Tutorial

Command-Line Tool

Make a Bucket

Upload a File

Java SDK

B2 Developer Quick-Start

 

API Operations

b2_authorize_account

b2_cancel_large_file

b2_copy_file

b2_copy_part

b2_create_bucket

b2_create_key

b2_delete_bucket

b2_delete_file_version

b2_delete_key

b2_download_file_by_id

b2_download_file_by_name

b2_finish_large_file

b2_get_download_authorization

b2_get_file_info

b2_get_upload_part_url

b2_get_upload_url

b2_hide_file

b2_list_buckets

b2_list_file_names

b2_list_file_versions

b2_list_keys

b2_list_parts

b2_list_unfinished_large_files

b2_start_large_file

b2_update_bucket

b2_update_file_retention

b2_upload_file

b2_upload_part

b2_update_bucket

Update an existing bucket.

Modifies the bucketType, bucket info, lifecycle rules, CORS rules, default server-side encryption settings, or default Object Lock retention settings of an existing bucket. Can be used to allow everyone to download the contents of the bucket without providing any authorization, or to prevent anyone from downloading the contents of the bucket without providing a bucket auth token.

Warning: Do not include Protected Health Information (PHI) or Personally Identifiable Information (PII) in bucket names, object/file/folder names, or other metadata. Such metadata is not encrypted in a way that meets Health Insurance Portability and Accountability Act (HIPAA) protection requirements for PHI/PII data and is not generally encrypted in client-side encryption architectures.

Request

Request HTTP Headers

Authorization

required

An account authorization token, obtained from b2_authorize_account. The token must have the writeBuckets capability.

Request HTTP Message Body Parameters

accountId

required

The account that the bucket is in.

bucketId

required

The unique ID of the bucket.

bucketType

optional

One of: "allPublic", "allPrivate". "allPublic" means that anybody can download the files is the bucket; "allPrivate" means that you need an authorization token to download them.
If not specified, the setting will remain unchanged.

bucketInfo

optional

User-defined information to be stored with the bucket: a JSON object mapping names to values. See Buckets.
If specified, the existing bucket info will be replaced with the new info. If not specified, the setting will remain unchanged.
Cache-Control policies can be set here on a global level for all the files in the bucket.

corsRules

optional

The list of CORS rules for this bucket. See CORS Rules for an overview and the rule structure.
If specified, the existing CORS rules will be replaced with this new list. If not specified, the setting will remain unchanged.

defaultRetention

optional

The default Object Lock retention settings for this bucket. See Object Lock for an overview and the parameter structure.
If specified, the existing default bucket retention settings will be replaced with the new settings. If not specified, the setting will remain unchanged. Setting the value requires the writeBucketRetentions capability and that the bucket is Object Lock-enabled.

defaultServerSideEncryption

optional

The default server-side encryption settings for this bucket. See Server-Side Encryption for an overview and the parameter structure.
If specified, the existing default bucket encryption settings will be replaced with the new settings. If not specified, the setting will remain unchanged. Setting the value requires the writeBucketEncryption capability.

fileLockEnabled

optional

If present, the Boolean value specifies whether the bucket has Object Lock enabled. Once Object Lock is enabled on a bucket, it cannot be disabled.
A value of true will be accepted if you have writeBucketRetentions capability. But you cannot enable Object Lock on a restricted bucket (e.g. share buckets, snapshot) or on a bucket that contains source replication configuration.
A value of false will only be accepted if the bucket does not have Object Lock enabled.
After enabling Object Lock on a bucket containing files with metadata over the lower 2,048 byte limit, API requests to b2_update_file_retention and b2_update_file_legal_hold will be rejected. This is because setting file retention or legal hold on a file adds additional headers when the file is downloaded, for example, with b2_download_file_by_name. In such cases, you can use b2_copy_file with a REPLACE metadataDirective to copy the file, give it less metadata, and also specify the fileRetention and legalHold parameters. The original file can then be deleted with b2_delete_file_version.

lifecycleRules

optional

The list of lifecycle rules for this bucket. Structure defined below. See Lifecycle Rules for an overview and the rule structure.
If specified, the existing lifecycle rules will be replaced with this new list. If not specified, the setting will remain unchanged.

replicationConfiguration

optional

The list of replication rules for this bucket. See Cloud Replication Rules

ifRevisionIs

optional

When set, the update will only happen if the revision number stored in the B2 service matches the one passed in. This can be used to avoid having simultaneous updates make conflicting changes.

Response

Response HTTP Status 200

Bucket successfully updated. The JSON response will contain:

accountId

The account that the bucket is in.

bucketId

The unique ID of the bucket.

bucketName

The unique name of the bucket

bucketType

One of: allPublic, allPrivate, restricted, snapshot, shared, or other values added in the future. allPublic means that anybody can download the files is the bucket; allPrivate means that you need an authorization token to download them; snapshot means that it's a private bucket containing snapshots created on the B2 web site.

bucketInfo

The user data stored with this bucket.

corsRules

The CORS rules for this bucket. See CORS Rules for an overview and the rule structure.

fileLockConfiguration

The Object Lock configuration for this bucket.
This field is filtered based on application key capabilities; readBucketRetentions capability is required to access the value. See Object Lock for more details on response structure.

defaultServerSideEncryption

The default bucket Server-Side Encryption settings for new files uploaded to this bucket.
This field is filtered based on application key capabilities; readBucketEncryption capability is required to access the value. See Server-Side Encryption for more details on response structure.

lifecycleRules

The list of lifecycle rules for this bucket. See Lifecycle Rules for an overview and the rule structure.

replicationConfiguration

The list of replication rules for this bucket. See Cloud Replication Rules for an overview and the rule structure.

revision

A counter that is updated every time the bucket is modified, and can be used with the ifRevisionIs parameter to b2_update_bucket to prevent colliding, simultaneous updates.

options

When present and set to s3, the bucket can be accessed through the S3 Compatible API.

Response Errors

Bucket not updated. If possible the server will return a JSON error structure. Errors include:

status

code

description

400

bad_bucket_id

The requested bucket ID does not match an existing bucket.

400

bad_request

The request had the wrong fields or illegal values. The message returned with the error will describe the problem.

400

cannot_delete_non_empty_bucket

A bucket must be empty before it can be deleted. To delete this bucket, first remove all of the files in the bucket, then try the delete operation again.

400

file_lock_conflict

This operation is not allowed because Object Lock is enabled on the bucket.

400

restricted_bucket_conflict

This operation is not allowed because the bucket is restricted.

400

source_replication_conflict

This operation is not allowed because source replication configuration is present on the bucket.

401

bad_auth_token

The auth token used is not valid. Call b2_authorize_account again to either get a new one, or an error message describing the problem.

401

expired_auth_token

The auth token used has expired. Call b2_authorize_account again to get a new one.

401

unauthorized

The auth token used is valid, but does not authorize this call with these parameters. The capabilities of an auth token are determined by the application key used with b2_authorize_account.

403

transaction_cap_exceeded

Transaction cap exceeded. To increase your cap, sign in to your B2 Cloud Storage account online. Then select the Caps & Alerts link in the B2 Cloud Storage section of the sidebar.

409

conflict

The ifRevisionIs test failed.

API Versions

v1: Application keys (July 26, 2018)

Incompatible change: After calling b2_authorize_account with an application key that does not have the right permissions, this call will return a 401 Unauthorized.

v1: Original release (September 22, 2015)

Sample Code

Code

curl \
    -H 'Authorization: ACCOUNT_AUTHORIZATION_TOKEN' \
    -d '{"accountId": "ACCOUNT_ID", "bucketId": "BUCKET_ID", "bucketType": "allPublic"}' \
    https://apiNNN.backblazeb2.com/b2api/v2/b2_update_bucket

Output

{
    "accountId": "12f634bf3cbz",
    "bucketId": "4a48fe8875c6214145260818",
    "bucketInfo": {},
    "bucketName": "any-name-you-pick",
    "bucketType": "allPrivate",
    "corsRules": [],
    "defaultServerSideEncryption": {
      "isClientAuthorizedToRead": false,
      "value": null
    },
    "fileLockConfiguration": {
      "isClientAuthorizedToRead": true,
      "value": {
        "defaultRetention": {
          "mode": null,
          "period": null
        },
        "isFileLockEnabled": true
      }
    },
    "lifecycleRules": [],
    "options": [],
    "revision": 2
}

Code

import java.io.*;
import java.util.*;
import javax.json.*;
import java.net.HttpURLConnection;
import java.net.URL;

String apiUrl = ""; // Provided by b2_authorize_account
String accountAuthorizationToken = ""; // Provided by b2_authorize_account
String accountId = ""; // The 12 digit ID of the account. 
String bucketId = ""; // The ID of the bucket you want to update
String bucketType = ""; // The type of bucket: "allPublic" or "allPrivate"
String postParams = "{\"accountId\":\"" + accountId + "\",\"bucketId\":\"" + bucketId + "\",\"bucketType\":\"" + bucketType + "\"}";
byte postData[] = postParams.getBytes(StandardCharsets.UTF_8);
try {
    URL url = new URL(apiUrl + "/b2api/v2/b2_update_bucket");
    HttpURLConnection connection = (HttpURLConnection)url.openConnection();
    connection.setRequestMethod("POST");
    connection.setRequestProperty("Authorization", accountAuthorizationToken);
    connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
    connection.setRequestProperty("charset", "utf-8");
    connection.setRequestProperty("Content-Length", Integer.toString(postData.length));
    connection.setDoOutput(true);
    DataOutputStream writer = new DataOutputStream(connection.getOutputStream());
    writer.write(postData);
    String jsonResponse = myInputStreamReader(connection.getInputStream());
    System.out.println(jsonResponse);
} catch (Exception e) {
    e.printStackTrace();
} finally {
    connection.disconnect();
}

static public String myInputStreamReader(InputStream in) throws IOException {
    InputStreamReader reader = new InputStreamReader(in);
    StringBuilder sb = new StringBuilder();
    int c = reader.read();
    while (c != -1) {
        sb.append((char)c);
        c = reader.read();
    }
    reader.close();
    return sb.toString();
}

Output

{
    "accountId": "12f634bf3cbz",
    "bucketId": "4a48fe8875c6214145260818",
    "bucketInfo": {},
    "bucketName": "any-name-you-pick",
    "bucketType": "allPrivate",
    "corsRules": [],
    "defaultServerSideEncryption": {
      "isClientAuthorizedToRead": false,
      "value": null
    },
    "fileLockConfiguration": {
      "isClientAuthorizedToRead": true,
      "value": {
        "defaultRetention": {
          "mode": null,
          "period": null
        },
        "isFileLockEnabled": true
      }
    },
    "lifecycleRules": [],
    "options": [],
    "revision": 2
}

Code

import json
import urllib2

api_url = "" # Provided by b2_authorize_account
account_authorization_token = ""  # Provided by b2_authorize_account
account_id = "" # The 12 digit ID of the account. 
bucket_id = "" # The ID of the bucket you want to update
bucket_type = "" # The type of bucket: "allPublic" or "allPrivate"
request = urllib2.Request(
	'%s/b2api/v2/b2_update_bucket' % api_url,
	json.dumps({ 'accountId' : account_id, 'bucketId' : bucket_id, 'bucketType' : bucket_type }),
	headers = { 'Authorization': account_authorization_token }
	)
response = urllib2.urlopen(request)
response_data = json.loads(response.read())
response.close()

Output

{
    "accountId": "12f634bf3cbz",
    "bucketId": "4a48fe8875c6214145260818",
    "bucketInfo": {},
    "bucketName": "any-name-you-pick",
    "bucketType": "allPrivate",
    "corsRules": [],
    "defaultServerSideEncryption": {
      "isClientAuthorizedToRead": false,
      "value": null
    },
    "fileLockConfiguration": {
      "isClientAuthorizedToRead": true,
      "value": {
        "defaultRetention": {
          "mode": null,
          "period": null
        },
        "isFileLockEnabled": true
      }
    },
    "lifecycleRules": [],
    "options": [],
    "revision": 2
}

Code

import Foundation

let apiUrl = "" // Provided by b2_authorize_account
let accountAuthorizationToken = "" // Provided from b2_authorize_account
let accountId = "" // The 12 digit ID of the account.
let bucketId = "" // The ID of the bucket you want to update
let bucketType = "" // The type of bucket: "allPublic" or "allPrivate"

// Create the request
var request = URLRequest(url: URL(string: "\(apiUrl)/b2api/v2/b2_update_bucket")!)
request.httpMethod = "POST"
request.addValue(accountAuthorizationToken, forHTTPHeaderField: "Authorization")
request.httpBody = "{\"accountId\":\"\(accountId)\", \"bucketId\":\"\(bucketId)\", \"bucketType\":\"\(bucketType)\"}".data(using: .utf8)

// Create the task
let task = URLSession.shared.dataTask(with: request) { (data, response, error) in
	if let data = data {
		let json = String(data: data, encoding: .utf8)
		print(json!)
	}
}

// Start the task
task.resume()

// Swift 4.1 (swiftlang-902.0.48 clang-902.0.37.1) Xcode 9.3.1 (9E501)

Output

{
    "accountId": "12f634bf3cbz",
    "bucketId": "4a48fe8875c6214145260818",
    "bucketInfo": {},
    "bucketName": "any-name-you-pick",
    "bucketType": "allPrivate",
    "corsRules": [],
    "defaultServerSideEncryption": {
      "isClientAuthorizedToRead": false,
      "value": null
    },
    "fileLockConfiguration": {
      "isClientAuthorizedToRead": true,
      "value": {
        "defaultRetention": {
          "mode": null,
          "period": null
        },
        "isFileLockEnabled": true
      }
    },
    "lifecycleRules": [],
    "options": [],
    "revision": 2
}

Code

require 'json'
require 'net/http'

api_url = "" # Provided by b2_authorize_account
account_authorization_token = ""  # Provided by b2_authorize_account
account_id = "" # The 12 digit ID of the account. 
bucket_id = "" # The ID of the bucket you want to update
bucket_type = "" # The type of bucket: "allPublic" or "allPrivate"
uri = URI("#{api_url}/b2api/v2/b2_update_bucket")
req = Net::HTTP::Post.new(uri)
req.add_field("Authorization","#{account_authorization_token}")
req.body = "{\"accountId\":\"#{account_id}\",\"bucketId\":\"#{bucket_id}\",\"bucketType\":\"#{bucket_type}\"}"
http = Net::HTTP.new(req.uri.host, req.uri.port)
http.use_ssl = (req.uri.scheme == 'https')
res = http.start {|http| http.request(req)}
case res
when Net::HTTPSuccess then
    res.body
when Net::HTTPRedirection then
    fetch(res['location'], limit - 1)
else
    res.error!
end

Output

{
    "accountId": "12f634bf3cbz",
    "bucketId": "4a48fe8875c6214145260818",
    "bucketInfo": {},
    "bucketName": "any-name-you-pick",
    "bucketType": "allPrivate",
    "corsRules": [],
    "defaultServerSideEncryption": {
      "isClientAuthorizedToRead": false,
      "value": null
    },
    "fileLockConfiguration": {
      "isClientAuthorizedToRead": true,
      "value": {
        "defaultRetention": {
          "mode": null,
          "period": null
        },
        "isFileLockEnabled": true
      }
    },
    "lifecycleRules": [],
    "options": [],
    "revision": 2
}

Code

String apiUrl = "API_URL"; //Provided by b2_authorize_account 
String accountAuthorizationToken = "ACCOUNT_AUTHORIZATION_TOKEN"; //Provided by b2_authorize_account
String accountId = "ACCOUNT_ID"; //B2 Cloud Storage AccountID 
String bucketId = "BUCKET_ID; //The unique bucket ID
String bucketType = "BUCKET_TYPE"; //"allPrivate" - or - "allPublic" 
HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(apiUrl + "/b2api/v2/b2_update_bucket");
string body = 
"{\"accountId\":\"" + accountId + "\",\n" +
"\"bucketId\":\"" + bucketId + "\",\n" +
"\"bucketType\":\"" + bucketType + "\"}";
var data = Encoding.UTF8.GetBytes(body);
webRequest.Method = "POST";
webRequest.Headers.Add("Authorization", accountAuthorizationToken);
webRequest.ContentType = "application/json; charset=utf-8";
webRequest.ContentLength = data.Length;
using (var stream = webRequest.GetRequestStream())
{
stream.Write(data, 0, data.Length);
stream.Close();
}
WebResponse response = (HttpWebResponse)webRequest.GetResponse();
var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
response.Close();
Console.WriteLine(responseString);

Output

{
    "accountId": "12f634bf3cbz",
    "bucketId": "4a48fe8875c6214145260818",
    "bucketInfo": {},
    "bucketName": "any-name-you-pick",
    "bucketType": "allPrivate",
    "corsRules": [],
    "defaultServerSideEncryption": {
      "isClientAuthorizedToRead": false,
      "value": null
    },
    "fileLockConfiguration": {
      "isClientAuthorizedToRead": true,
      "value": {
        "defaultRetention": {
          "mode": null,
          "period": null
        },
        "isFileLockEnabled": true
      }
    },
    "lifecycleRules": [],
    "options": [],
    "revision": 2
}

Code

$account_id = ""; // Obtained from your B2 account page
$api_url = ""; // From b2_authorize_account call
$auth_token = ""; // From b2_authorize_account call
$account_id = ""; // The 12 digit ID of the account. 
$bucket_id = "";  // The ID of the bucket you want to update
$bucket_type = "allPublic"; // Either allPublic or allPrivate

$session = curl_init($api_url .  "/b2api/v2/b2_update_bucket");

// Add post fields
$data = array("accountId" => $account_id, "bucketId" => $bucket_id, "bucketType" => $bucket_type);
$post_fields = json_encode($data);
curl_setopt($session, CURLOPT_POSTFIELDS, $post_fields); 

// Add headers
$headers = array();
$headers[] = "Authorization: " . $auth_token;
curl_setopt($session, CURLOPT_HTTPHEADER, $headers); 

curl_setopt($session, CURLOPT_POST, true); // HTTP POST
curl_setopt($session, CURLOPT_RETURNTRANSFER, true);  // Receive server response
$server_output = curl_exec($session); // Let's do this!
curl_close ($session); // Clean up
echo ($server_output); // Tell me about the rabbits, George!

Output

{
    "accountId": "12f634bf3cbz",
    "bucketId": "4a48fe8875c6214145260818",
    "bucketInfo": {},
    "bucketName": "any-name-you-pick",
    "bucketType": "allPrivate",
    "corsRules": [],
    "defaultServerSideEncryption": {
      "isClientAuthorizedToRead": false,
      "value": null
    },
    "fileLockConfiguration": {
      "isClientAuthorizedToRead": true,
      "value": {
        "defaultRetention": {
          "mode": null,
          "period": null
        },
        "isFileLockEnabled": true
      }
    },
    "lifecycleRules": [],
    "options": [],
    "revision": 2
}