POST
/
v1
/
storage
/
configure-cors
curl -X POST https://api.verbalisai.com/v1/storage/configure-cors \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200
  }'

{
  "success": true,
  "message": "CORS configuration updated successfully",
  "data": {
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200,
    "updatedAt": "2024-01-15T10:30:00Z"
  }
}

Configure Cross-Origin Resource Sharing (CORS) settings for your storage bucket to control browser access to your files.

This endpoint requires authentication via API key.

Configure CORS

allowedOrigins
array
required

Array of allowed origins (e.g., [“https://example.com”, “https://app.example.com”])

allowedMethods
array

Array of allowed HTTP methods (default: [“GET”, “POST”, “PUT”, “DELETE”])

allowedHeaders
array

Array of allowed headers (default: [”*”])

maxAgeSeconds
number

Maximum age for preflight cache in seconds (default: 3600)

curl -X POST https://api.verbalisai.com/v1/storage/configure-cors \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200
  }'

{
  "success": true,
  "message": "CORS configuration updated successfully",
  "data": {
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200,
    "updatedAt": "2024-01-15T10:30:00Z"
  }
}

Get CORS Configuration

Retrieve the current CORS configuration for your storage bucket.

curl -X GET https://api.verbalisai.com/v1/storage/cors-config \
  -H "Authorization: Bearer YOUR_API_KEY"

{
  "success": true,
  "data": {
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200,
    "lastUpdated": "2024-01-15T10:30:00Z"
  }
}

Response Fields

success
boolean

Indicates if the request was successful

data
object

Notes

  • CORS configuration affects browser access to your stored files
  • Wildcard origins (”*”) should be used carefully in production
  • Changes may take a few minutes to propagate
  • Invalid configurations will be rejected with detailed error messages