b2_upload_file
    • Dark
      Light

    b2_upload_file

    • Dark
      Light

    Article Summary

    Post
    /b2api/v3/b2_upload_file

    Uploads one file and returns its unique file ID

    Warning
    Do not include Protected Health Information (PHI) or Personally Identifiable Information (PII) in bucket names; object, file, or folder names; or other metadata. This metadata is not encrypted in a way that meets Health Insurance Portability and Accountability Act (HIPAA) protection requirements for PHI/PII data, and it is not generally encrypted in client-side encryption architectures.

    Request

    The upload request is a POST. The file name and other parameters are in the request headers, and the file to be uploaded is the request body.

    URL Path

    Use the b2_get_upload_url operation to get a URL you can use to upload files. The URL it returns will contain your bucket ID and the upload destination, and will look something like this:

    https://pod-000-1007-13.backblaze.com/b2api/v3/b2_upload_file/4a48fe8875c6214145260818/c001_v0001007_t0042

    The following HTTP headers must not be included in the b2_upload_file request:

    • Content-Disposition
    • Content-Encoding
    • Content-Language
    • Content-Location
    • Content-Range
    • Expires

    The file name and file info must fit within a 7,000 byte limit. For files that are uploaded with Server-Side Encryption and/or to Object Lock-enabled buckets, the size limit is reduced to 2,048 bytes. See Files for further details about HTTP header size limit.

    Request HTTP Message Body Parameters

    There are no JSON parameters allowed. The file to be uploaded is the message body and is not encoded in any way. It is not URL encoded. It is not MIME encoded.

    NOTE:

    You must set the Content-Length HTTP header when using either b2_upload_file or b2_upload_part.

    Chunked transfer encoding, which allows the Content-Length header to be omitted, is not supported.

    Header parameters
    Authorization
    stringRequired

    An upload authorization token obtained from b2_get_upload_url.

    X-Bz-File-Name
    stringRequired

    The name of the file, in percent-encoded UTF-8. For example, spaces should be replaced with %20. For more information, see Files for requirements on file names and String Encoding for how to encode strings.

    Content-Type
    stringRequired

    The MIME type of the content of the file, which will be returned in the Content-Type header when downloading the file. Use the Content-Type b2/x-auto to automatically set the stored Content-Type post upload. In the case where a file extension is absent or the lookup fails, the Content-Type is set to application/octet-stream. The Content-Type mappings can be perused here.

    Content-Length
    integerRequired

    The number of bytes in the file being uploaded.


    Note: Chunked transfer encoding, which allows the Content-Length header to be omitted, is not supported.


    When sending the SHA1 checksum at the end, the Content-Length should be set to the size of the file plus the 40 bytes of hex checksum.

    X-Bz-Content-Sha1
    stringRequired

    The SHA1 checksum of the content of the file. B2 will check this when the file is uploaded, to make sure that the file arrived correctly. It will be returned in the X-Bz-Content-Sha1 header when the file is downloaded.


    You may optionally provide the SHA1 at the end of the upload. See the section on Uploading.

    X-Bz-Info-src_last_modified_millis
    string

    If the original source of the file being uploaded has a last modified time concept, Backblaze recommends using this spelling of one of your X-Bz-Info-* headers (see below). Using a standard spelling allows different B2 clients and the B2 web user interface to interoperate correctly. The value should be a base 10 number which represents a UTC time when the original source file was last modified. It is a base 10 number of milliseconds since midnight, January 1, 1970 UTC. This fits in a 64 bit integer such as the type "long" in the programming language Java. It is intended to be compatible with Java's time long. For example, it can be passed directly into the Java call Date.setTime(long time).

    X-Bz-Info-b2-content-disposition
    string

    If this is present, B2 will use it as the value of the 'Content-Disposition' header when the file is downloaded (unless it's overridden by a value given in the download request). The value must match the grammar specified in RFC 6266. Parameter continuations are not supported. 'Extended-value's are supported for charset 'UTF-8' (case-insensitive) when the language is empty. Note that this file info will not be included in downloads as a x-bz-info-b2-content-disposition header. Instead, it (or the value specified in a request) will be in the Content-Disposition.

    X-Bz-Info-b2-content-language
    string

    If this is present, B2 will use it as the value of the 'Content-Language' header when the file is downloaded (unless it's overridden by a value given in the download request). The value must match the grammar specified in RFC 2616. Note that this file info will not be included in downloads as a x-bz-info-b2-content-language header. Instead, it (or the value specified in a request) will be in the Contšnt-Language header.

    X-Bz-Info-b2-expires
    string

    If this is present, B2 will use it as the value of the 'Expires' header when the file is downloaded (unless it's overridden by a value given in the download request). The value must match the grammar specified in RFC 2616. Note that this file info will not be included in downloads as a x-bz-info-b2-expires header. Instead, it (or the value specified in a request) will be in the Expires header.

    X-Bz-Info-b2-cache-control
    string

    If this is present, B2 will use it as the value of the 'Cache-Control' header when the file is downloaded (unless it's overridden by a value given in the download request), and overriding the value defined at the bucket level. The value must match the grammar specified in RFC 2616. Note that this file info will not be included in downloads as a x-bz-info-cache-control header. Instead, it (or the value specified in a request) will be in the Cache-Control header.

    X-Bz-Info-b2-content-encoding
    string

    If this is present, B2 will use it as the value of the 'Content-Encoding' header when the file is downloaded (unless it's overridden by a value given in the download request). The value must match the grammar specified in RFC 2616. Note that this file info will not be included in downloads as a x-bz-info-b2-content-encoding header. Instead, it (or the value specified in a request) will be in the Content-Encoding header.

    X-Bz-Info-*
    string

    The * part of the header name is replaced with the name of a custom field in the file information stored with the file, and the value is an arbitrary UTF-8 string, percent-encoded. The same info headers sent with the upload will be returned with the download. The header name is case insensitive.

    X-Bz-Custom-Upload-Timestamp
    string

    If this is present, B2 will use it as the value of the upload timestamp. The value should be a base 10 number that represents a UTC time when the original source file was uploaded. It is a base 10 number of milliseconds since midnight, January 1st, 1970 UTC. This fits in a 64-bit integer, such as the type long in Java, and so it can be passed directly into the Java call Date.setTime(long time). The value must not use a date that is set to a time in the future.


    NOTE If you need to use this feature, please contact Backblaze support to have the feature enabled on your account.

    X-Bz-File-Legal-Hold
    string

    If this is present, specifies the Object Lock legal hold status for the file. Valid values for this header are on and off. Setting the value requires the writeFileLegalHolds capability and that the bucket is Object Lock-enabled.

    X-Bz-File-Retention-Mode
    string

    If this is present, specifies the Object Lock retention mode for the file. Valid values for this header are governance and compliance. Setting the value requires the writeFileRetentions capability and that the bucket is Object Lock-enabled.


    If this header is present, then a valid X-Bz-File-Retention-Retain-Until-Timestamp header must be present as well.

    X-Bz-File-Retention-Retain-Until-Timestamp
    integer

    If this is present, specifies a Object Lock retention timestamp in the future, after which the intended Object Lock will expire. This header value must be specified as a base 10 number of milliseconds since midnight, January 1, 1970 UTC. Setting the value requires the writeFileRetentions capability and that the bucket is Object Lock-enabled.
    If this header is present, then a valid X-Bz-File-Retention-Mode header must be present as well.

    X-Bz-Server-Side-Encryption
    string

    If this is present, B2 will encrypt the uploaded data before storing the file using Server-Side Encryption with Backblaze-Managed Keys (SSE-B2) with the algorithm specified in this header. Currently, the only supported value for this header is AES256.


    This header must not be present if SSE-C headers (X-Bz-Server-Side-Encryption-Customer-*, see below) are included with this request, and vice versa.

    X-Bz-Server-Side-Encryption-Customer-Algorithm
    string

    If this is present, B2 will encrypt the uploaded data before storing the file using Server-Side Encryption with Customer-Managed Keys (SSE-C) with the algorithm specified in this header. Currently, the only supported value for this header is AES256.

    X-Bz-Server-Side-Encryption-Customer-Key
    string

    If this is present, it specifies the base64-encoded encryption key for Backblaze B2 to use in encrypting data with Server-Side Encryption with Customer-Managed Keys (SSE-C). The value of the header is used to store the file and then is immediately discarded. The key must be appropriate for use with the algorithm specified in the X-Bz-Server-Side-Encryption-Customer-Algorithm header.

    X-Bz-Server-Side-Encryption-Customer-Key-Md5
    string

    If this is present, it specifies the base64-encoded 128-bit MD5 digest of the encryption key to be used with Server-Side Encryption with Customer-Managed Keys (SSE-C). Backblaze B2 uses this header to verify that the encryption key was transmitted correctly.

    Responses
    200

    The request succeeded.


    The response headers include the Content-Type that was specified when the file was uploaded. They also include the X-Bz-FileName and X-Bz-Content-Sha1 headers, plus X-Bz-Info-* headers for any custom file info that was provided with the upload. The X-Bz-FileName uses percent-encoding, as if it were a URL parameter.

    Expand All
    object
    accountId
    string

    The account that owns the file.

    Example12f634bf3cbz
    action
    string

    One of "start", "upload", "hide", "folder", or other values added in the future. "upload" means a file that was uploaded to B2 Cloud Storage. "start" means that a large file has been started, but not finished or canceled. "hide" means a file version marking the file as hidden, so that it will not show up in b2_list_file_names. "folder" is used to indicate a virtual folder when listing files.

    Examplestart
    bucketId
    string

    The bucket that the file is in.

    Example4a48fe8875c6214145260818
    contentLength
    string

    The number of bytes stored in the file. Only useful when the action is "upload". Always 0 when the action is "start", "hide", or "folder".

    Example46
    contentSha1
    string

    The SHA1 of the bytes stored in the file as a 40-digit hex string. Large files do not have SHA1 checksums, and the value is "none". The value is null when the action is "hide" or "folder"

    Examplebae5ed658ab3546aee12f23f36392f35dba1ebdd
    contentMd5
    string

    The MD5 of the bytes stored in the file as a 32-digit hex string. Not all files have an MD5 checksum, so this field is optional, and set to null for files that do not have one. Large files do not have MD5 checksums, and the value is null. The value is also null when the action is "hide" or "folder".

    Exampledc724af18fbdd4e59189f5fe768a5f8311527050
    contentType
    string

    When the action is "upload" or "start", the MIME type of the file, as specified when the file was uploaded. For "hide" action, always "application/x-bz-hide-marker". For "folder" action, always null.

    Exampletext/plain
    fileId
    string

    The unique identifier for this version of this file. Used with b2_get_file_info, b2_download_file_by_id, and b2_delete_file_version. The value is null when for action "folder".

    Example4_h4a48fe8875c6214145260818_f000000000000472a_d20140104_m032022_c001_v0000123_t0104
    fileInfo
    object

    The custom information that was uploaded with the file. This is a JSON object, holding the name/value pairs that were uploaded with the file.

    Example{ "author": "unknown" }
    fileName
    string

    The name of this file, which can be used with b2_download_file_by_name.

    Exampletyping_test.txt
    fileRetention
    object

    The Object Lock retention settings for this file, if any.
    This field is filtered based on application key capabilities; the readFileRetentions capability is required to access the value. See Object Lock for more details on response structure.
    This field is omitted when the action is "hide" or "folder".

    Example{ "isClientAuthorizedToRead": true, "value": { "mode": null, "retainUntilTimestamp": null } }
    isClientAuthorizedToRead
    boolean
    value
    object
    mode
    string
    retainUntilTimestamp
    integer
    legalHold
    object

    The Object Lock legal hold status for this file, if any. This field is filtered based on application key capabilities; the readFileLegalHolds capability is required to access the value. See Object Lock for more details on response structure. This field is omitted when the action is "hide" or "folder".

    Example{ "isClientAuthorizedToRead": true, "value": null }
    isClientAuthorizedToRead
    boolean
    value
    string
    replicationStatus
    string

    The Replication Status for this file, if any. This will show either PENDING, COMPLETED, FAILED, or REPLICA For details see Cloud Replication. This field is omitted when the file is not part of a replication rule.

    ExamplePENDING
    serverSideEncryption
    object

    When the file is encrypted with Server-Side Encryption, the mode ("SSE-B2" or "SSE-C") and algorithm used to encrypt the data. If the file is not encrypted with Server-Side Encryption, then both mode and algorithm will be null. This field is omitted when the action is "hide" or "folder".

    Example{ "algorithm": "AES256", "mode": "SSE-B2" }
    algorithm
    string
    mode
    string
    uploadTimestamp
    integer

    This is a UTC time when this file was uploaded. It is a base 10 number of milliseconds since midnight, January 1, 1970 UTC. This fits in a 64 bit integer such as the type "long" in the programming language Java. It is intended to be compatible with Java's time long. For example, it can be passed directly into the java call Date.setTime(long time). Always 0 when the action is "folder".

    Example1559585435000
    400
    statuscodedescription
    400auth_token_limitThe auth token is already being used. For more information, see Uploading in Parallel.
    400bad_bucket_idThe requested bucket ID does not match an existing bucket.
    400bad_requestThe request had the wrong fields or illegal values. The message returned with the error will describe the problem.
    400custom_timestamp_invalidThe request has an invalid custom upload timestamp.
    400custom_timestamp_not_allowedThe account is not allowed to specify a custom upload timestamp.
    object
    status
    integer

    The numeric HTTP status code. Always matches the status in the HTTP response.

    Example400
    code
    string

    A single-identifier code that identifies the error.

    Exampleinvalid_bucket_name
    message
    string

    A human-readable message, in English, saying what went wrong.

    Examplebucket name is too long
    401
    statuscodedescription
    401bad_auth_tokenThe auth token used is not valid. Call b2_get_upload_url again to get a new one.
    401expired_auth_tokenThe auth token used has expired. Call b2_get_upload_url again to get a new one.
    401unauthorizedThe auth token used is valid, but does not authorize this call with these parameters. The capabilities of an auth token are determined by the application key used with b2_authorize_account.
    403
    statuscodedescription
    403cap_exceededUsage cap exceeded.
    405
    statuscodedescription
    405method_not_allowedOnly POST is supported
    408
    statuscodedescription
    408request_timeoutThe service timed out reading the uploaded file
    415
    statuscodedescription
    415unsupported_media_typeThe requested Content-Type is not valid
    503
    statuscodedescription
    503service_unavailableCall b2_get_upload_url again to get a new auth token.

    Was this article helpful?

    What's Next