POST
/
v1
/
storage
/
configure-cors
curl -X POST https://api.verbalisai.com/v1/storage/configure-cors \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200
  }'

{
  "success": true,
  "message": "CORS configuration updated successfully",
  "data": {
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200,
    "updatedAt": "2024-01-15T10:30:00Z"
  }
}
Configure Cross-Origin Resource Sharing (CORS) settings for your storage bucket to control browser access to your files.
This endpoint requires authentication via API key.

Configure CORS

allowedOrigins
array
required
Array of allowed origins (e.g., [“https://example.com”, “https://app.example.com”])
allowedMethods
array
Array of allowed HTTP methods (default: [“GET”, “POST”, “PUT”, “DELETE”])
allowedHeaders
array
Array of allowed headers (default: [”*”])
maxAgeSeconds
number
Maximum age for preflight cache in seconds (default: 3600)
curl -X POST https://api.verbalisai.com/v1/storage/configure-cors \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200
  }'

{
  "success": true,
  "message": "CORS configuration updated successfully",
  "data": {
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200,
    "updatedAt": "2024-01-15T10:30:00Z"
  }
}

Get CORS Configuration

Retrieve the current CORS configuration for your storage bucket. 
curl -X GET https://api.verbalisai.com/v1/storage/cors-config \
  -H "Authorization: Bearer YOUR_API_KEY"

{
  "success": true,
  "data": {
    "allowedOrigins": ["https://example.com", "https://app.example.com"],
    "allowedMethods": ["GET", "POST", "PUT"],
    "allowedHeaders": ["Content-Type", "Authorization"],
    "maxAgeSeconds": 7200,
    "lastUpdated": "2024-01-15T10:30:00Z"
  }
}

Response Fields

success
boolean
Indicates if the request was successful
data
object

Notes

  • CORS configuration affects browser access to your stored files
  • Wildcard origins (”*”) should be used carefully in production
  • Changes may take a few minutes to propagate
  • Invalid configurations will be rejected with detailed error messages