Contents x
b2_upload_file
    • Print
    • Dark
      Light
    Contents

    b2_upload_file

      • Print
      • Dark
        Light
      Article Summary

      Post
      /b2api/v3/b2_upload_file

      Uploads one file and returns its unique file ID

      Warning
      Do not include Protected Health Information (PHI) or Personally Identifiable Information (PII) in bucket names; object, file, or folder names; or other metadata. This metadata is not encrypted in a way that meets Health Insurance Portability and Accountability Act (HIPAA) protection requirements for PHI/PII data, and it is not generally encrypted in client-side encryption architectures.

      Request

      The upload request is a POST. The file name and other parameters are in the request headers, and the file to be uploaded is the request body.

      URL Path

      Use the b2_get_upload_url operation to get a URL you can use to upload files. The URL it returns will contain your bucket ID and the upload destination, and will look something like this:

      https://pod-000-1007-13.backblaze.com/b2api/v3/b2_upload_file/4a48fe8875c6214145260818/c001_v0001007_t0042

      The following HTTP headers must not be included in the b2_upload_file request:

      • Content-Disposition
      • Content-Encoding
      • Content-Language
      • Content-Location
      • Content-Range
      • Expires

      The file name and file info must fit within a 7,000 byte limit. For files that are uploaded with Server-Side Encryption and/or to Object Lock-enabled buckets, the size limit is reduced to 2,048 bytes. See Files for further details about HTTP header size limit.

      Request HTTP Message Body Parameters

      There are no JSON parameters allowed. The file to be uploaded is the message body and is not encoded in any way. It is not URL encoded. It is not MIME encoded.

      NOTE:

      You must set the Content-Length HTTP header when using either b2_upload_file or b2_upload_part.

      Chunked transfer encoding, which allows the Content-Length header to be omitted, is not supported.

      Header parameters
      Authorization
      stringRequired

      An upload authorization token obtained from b2_get_upload_url.

      X-Bz-File-Name
      stringRequired

      The name of the file, in percent-encoded UTF-8. For example, spaces should be replaced with %20. For more information, see Files for requirements on file names and String Encoding for how to encode strings.

      Content-Type
      stringRequired

      The MIME type of the content of the file, which will be returned in the Content-Type header when downloading the file. Use the Content-Type b2/x-auto to automatically set the stored Content-Type post upload. In the case where a file extension is absent or the lookup fails, the Content-Type is set to application/octet-stream. The Content-Type mappings can be perused here.

      Content-Length
      integerRequired

      The number of bytes in the file being uploaded.


      Note: Chunked transfer encoding, which allows the Content-Length header to be omitted, is not supported.


      When sending the SHA1 checksum at the end, the Content-Length should be set to the size of the file plus the 40 bytes of hex checksum.

      X-Bz-Content-Sha1
      stringRequired

      The SHA1 checksum of the content of the file. B2 will check this when the file is uploaded, to make sure that the file arrived correctly. It will be returned in the X-Bz-Content-Sha1 header when the file is downloaded.


      You may optionally provide the SHA1 at the end of the upload. See the section on Uploading.

      X-Bz-Info-src_last_modified_millis
      string

      If the original source of the file being uploaded has a last modified time concept, Backblaze recommends using this spelling of one of your X-Bz-Info-* headers (see below). Using a standard spelling allows different B2 clients and the B2 web user interface to interoperate correctly. The value should be a base 10 number which represents a UTC time when the original source file was last modified. It is a base 10 number of milliseconds since midnight, January 1, 1970 UTC. This fits in a 64 bit integer such as the type "long" in the programming language Java. It is intended to be compatible with Java's time long. For example, it can be passed directly into the Java call Date.setTime(long time).

      X-Bz-Info-b2-content-disposition
      string

      If this is present, B2 will use it as the value of the 'Content-Disposition' header when the file is downloaded (unless it's overridden by a value given in the download request). The value must match the grammar specified in RFC 6266. Parameter continuations are not supported. 'Extended-value's are supported for charset 'UTF-8' (case-insensitive) when the language is empty. Note that this file info will not be included in downloads as a x-bz-info-b2-content-disposition header. Instead, it (or the value specified in a request) will be in the Content-Disposition.

      X-Bz-Info-b2-content-language
      string

      If this is present, B2 will use it as the value of the 'Content-Language' header when the file is downloaded (unless it's overridden by a value given in the download request). The value must match the grammar specified in RFC 2616. Note that this file info will not be included in downloads as a x-bz-info-b2-content-language header. Instead, it (or the value specified in a request) will be in the Contšnt-Language header.

      X-Bz-Info-b2-expires
      string

      If this is present, B2 will use it as the value of the 'Expires' header when the file is downloaded (unless it's overridden by a value given in the download request). The value must match the grammar specified in RFC 2616. Note that this file info will not be included in downloads as a x-bz-info-b2-expires header. Instead, it (or the value specified in a request) will be in the Expires header.

      X-Bz-Info-b2-cache-control
      string

      If this is present, B2 will use it as the value of the 'Cache-Control' header when the file is downloaded (unless it's overridden by a value given in the download request), and overriding the value defined at the bucket level. The value must match the grammar specified in RFC 2616. Note that this file info will not be included in downloads as a x-bz-info-cache-control header. Instead, it (or the value specified in a request) will be in the Cache-Control header.

      X-Bz-Info-b2-content-encoding
      string

      If this is present, B2 will use it as the value of the 'Content-Encoding' header when the file is downloaded (unless it's overridden by a value given in the download request). The value must match the grammar specified in RFC 2616. Note that this file info will not be included in downloads as a x-bz-info-b2-content-encoding header. Instead, it (or the value specified in a request) will be in the Content-Encoding header.

      X-Bz-Info-*
      string

      The * part of the header name is replaced with the name of a custom field in the file information stored with the file, and the value is an arbitrary UTF-8 string, percent-encoded. The same info headers sent with the upload will be returned with the download. The header name is case insensitive.

      X-Bz-Custom-Upload-Timestamp
      string

      If this is present, B2 will use it as the value of the upload timestamp. The value should be a base 10 number that represents a UTC time when the original source file was uploaded. It is a base 10 number of milliseconds since midnight, January 1st, 1970 UTC. This fits in a 64-bit integer, such as the type long in Java, and so it can be passed directly into the Java call Date.setTime(long time). The value must not use a date that is set to a time in the future.


      NOTE If you need to use this feature, please contact Backblaze support to have the feature enabled on your account.

      X-Bz-File-Legal-Hold
      string

      If this is present, specifies the Object Lock legal hold status for the file. Valid values for this header are on and off. Setting the value requires the writeFileLegalHolds capability and that the bucket is Object Lock-enabled.

      X-Bz-File-Retention-Mode
      string

      If this is present, specifies the Object Lock retention mode for the file. Valid values for this header are governance and compliance. Setting the value requires the writeFileRetentions capability and that the bucket is Object Lock-enabled.


      If this header is present, then a valid X-Bz-File-Retention-Retain-Until-Timestamp header must be present as well.

      X-Bz-File-Retention-Retain-Until-Timestamp
      integer

      If this is present, specifies a Object Lock retention timestamp in the future, after which the intended Object Lock will expire. This header value must be specified as a base 10 number of milliseconds since midnight, January 1, 1970 UTC. Setting the value requires the writeFileRetentions capability and that the bucket is Object Lock-enabled.
      If this header is present, then a valid X-Bz-File-Retention-Mode header must be present as well.

      X-Bz-Server-Side-Encryption
      string

      If this is present, B2 will encrypt the uploaded data before storing the file using Server-Side Encryption with Backblaze-Managed Keys (SSE-B2) with the algorithm specified in this header. Currently, the only supported value for this header is AES256.


      This header must not be present if SSE-C headers (X-Bz-Server-Side-Encryption-Customer-*, see below) are included with this request, and vice versa.

      X-Bz-Server-Side-Encryption-Customer-Algorithm
      string

      If this is present, B2 will encrypt the uploaded data before storing the file using Server-Side Encryption with Customer-Managed Keys (SSE-C) with the algorithm specified in this header. Currently, the only supported value for this header is AES256.

      X-Bz-Server-Side-Encryption-Customer-Key
      string

      If this is present, it specifies the base64-encoded encryption key for Backblaze B2 to use in encrypting data with Server-Side Encryption with Customer-Managed Keys (SSE-C). The value of the header is used to store the file and then is immediately discarded. The key must be appropriate for use with the algorithm specified in the X-Bz-Server-Side-Encryption-Customer-Algorithm header.

      X-Bz-Server-Side-Encryption-Customer-Key-Md5
      string

      If this is present, it specifies the base64-encoded 128-bit MD5 digest of the encryption key to be used with Server-Side Encryption with Customer-Managed Keys (SSE-C). Backblaze B2 uses this header to verify that the encryption key was transmitted correctly.

      Responses
      200

      The request succeeded.


      The response headers include the Content-Type that was specified when the file was uploaded. They also include the X-Bz-FileName and X-Bz-Content-Sha1 headers, plus X-Bz-Info-* headers for any custom file info that was provided with the upload. The X-Bz-FileName uses percent-encoding, as if it were a URL parameter.

      Expand All
      object
      acountId
      string

      The account that owns the file.

      Example12f634bf3cbz
      action
      string

      One of "start", "upload", "hide", "folder", or other values added in the future. "upload" means a file that was uploaded to B2 Cloud Storage. "start" means that a large file has been started, but not finished or canceled. "hide" means a file version marking the file as hidden, so that it will not show up in b2_list_file_names. "folder" is used to indicate a virtual folder when listing files.

      Examplestart
      bucketId
      string

      The bucket that the file is in.

      Example4a48fe8875c6214145260818
      contentLength
      string

      The number of bytes stored in the file. Only useful when the action is "upload". Always 0 when the action is "start", "hide", or "folder".

      Example46
      contentSha1
      string

      The SHA1 of the bytes stored in the file as a 40-digit hex string. Large files do not have SHA1 checksums, and the value is "none". The value is null when the action is "hide" or "folder"

      Examplebae5ed658ab3546aee12f23f36392f35dba1ebdd
      contentMd5
      string

      The MD5 of the bytes stored in the file as a 32-digit hex string. Not all files have an MD5 checksum, so this field is optional, and set to null for files that do not have one. Large files do not have MD5 checksums, and the value is null. The value is also null when the action is "hide" or "folder".

      Exampledc724af18fbdd4e59189f5fe768a5f8311527050
      contentType
      string

      When the action is "upload" or "start", the MIME type of the file, as specified when the file was uploaded. For "hide" action, always "application/x-bz-hide-marker". For "folder" action, always null.

      Exampletext/plain
      fileId
      string

      The unique identifier for this version of this file. Used with b2_get_file_info, b2_download_file_by_id, and b2_delete_file_version. The value is null when for action "folder".

      Example4_h4a48fe8875c6214145260818_f000000000000472a_d20140104_m032022_c001_v0000123_t0104
      fileInfo
      object

      The custom information that was uploaded with the file. This is a JSON object, holding the name/value pairs that were uploaded with the file.

      Example{ "author": "unknown" }
      fileName
      string

      The name of this file, which can be used with b2_download_file_by_name.

      Exampletyping_test.txt
      fileRetention
      object

      The Object Lock retention settings for this file, if any.
      This field is filtered based on application key capabilities; the readFileRetentions capability is required to access the value. See Object Lock for more details on response structure.
      This field is omitted when the action is "hide" or "folder".

      Example{ "isClientAuthorizedToRead": true, "value": { "mode": null, "retainUntilTimestamp": null } }
      isClientAuthorizedToRead
      boolean
      value
      object
      mode
      string
      retainUntilTimestamp
      integer
      legalHold
      object

      The Object Lock legal hold status for this file, if any. This field is filtered based on application key capabilities; the readFileLegalHolds capability is required to access the value. See Object Lock for more details on response structure. This field is omitted when the action is "hide" or "folder".

      Example{ "isClientAuthorizedToRead": true, "value": null }
      isClientAuthorizedToRead
      boolean
      value
      string
      replicationStatus
      string

      The Replication Status for this file, if any. This will show either PENDING, COMPLETED, FAILED, or REPLICA For details see Cloud Replication. This field is omitted when the file is not part of a replication rule.

      ExamplePENDING
      serverSideEncryption
      object

      When the file is encrypted with Server-Side Encryption, the mode ("SSE-B2" or "SSE-C") and algorithm used to encrypt the data. If the file is not encrypted with Server-Side Encryption, then both mode and algorithm will be null. This field is omitted when the action is "hide" or "folder".

      Example{ "algorithm": "AES256", "mode": "SSE-B2" }
      algorithm
      string
      mode
      string
      uploadTimestamp
      integer

      This is a UTC time when this file was uploaded. It is a base 10 number of milliseconds since midnight, January 1, 1970 UTC. This fits in a 64 bit integer such as the type "long" in the programming language Java. It is intended to be compatible with Java's time long. For example, it can be passed directly into the java call Date.setTime(long time). Always 0 when the action is "folder".

      Example1559585435000
      400
      statuscodedescription
      400auth_token_limitThe auth token is already being used. For more information, see Uploading in Parallel.
      400bad_bucket_idThe requested bucket ID does not match an existing bucket.
      400bad_requestThe request had the wrong fields or illegal values. The message returned with the error will describe the problem.
      400custom_timestamp_invalidThe request has an invalid custom upload timestamp.
      400custom_timestamp_not_allowedThe account is not allowed to specify a custom upload timestamp.
      object
      status
      integer

      The numeric HTTP status code. Always matches the status in the HTTP response.

      Example400
      code
      string

      A single-identifier code that identifies the error.

      Exampleinvalid_bucket_name
      message
      string

      A human-readable message, in English, saying what went wrong.

      Examplebucket name is too long
      401
      statuscodedescription
      401bad_auth_tokenThe auth token used is not valid. Call b2_get_upload_url again to get a new one.
      401expired_auth_tokenThe auth token used has expired. Call b2_get_upload_url again to get a new one.
      401unauthorizedThe auth token used is valid, but does not authorize this call with these parameters. The capabilities of an auth token are determined by the application key used with b2_authorize_account.
      403
      statuscodedescription
      403cap_exceededUsage cap exceeded.
      405
      statuscodedescription
      405method_not_allowedOnly POST is supported
      408
      statuscodedescription
      408request_timeoutThe service timed out reading the uploaded file
      415
      statuscodedescription
      415unsupported_media_typeThe requested Content-Type is not valid
      503
      statuscodedescription
      503service_unavailableCall b2_get_upload_url again to get a new auth token.
      Was this article helpful?
      What's Next