Sign a Media Upload
Mints a short-lived signature for a direct browser-to-Cloudinary upload.
The browser POSTs the file plus every returned field to upload_url and
reads secure_url from Cloudinary’s response. The API secret never
leaves the backend; only the upload is signed (delivery stays public).
Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Body
Request a signed upload for a given media purpose.
What the upload is for; scopes the folder and limits.
"signature"Response
Successful Response
Provider-neutral signed-upload envelope.
Same shape as an S3 presigned POST, so storage can be swapped later with
no frontend/SDK change: the client POSTs file + every key in
fields to upload_url and reads secure_url from the response.
Endpoint the browser POSTs the file + fields to.
Form fields the browser must POST verbatim alongside the file.
Cloudinary recomputes the signature from these params and rejects on any mismatch, so the client sends them byte-for-byte as returned here. Every signed param is included — omitting one would break signature validation.
