Error message "Missing required parameter - api_key"

andrewclark
andrewclark Member
edited May 25 in Developer APIs

I'm attempting to do a signed upload using the Cloudinary widget. I'm creating a signature for the request on the backed in PHP using the PHP Cloudinary SDK. My backend signing code is:

$options = array(
    "cloud_name" => [*my cloud name*],
    "api_key" => [*my api key*],
    "api_secret" => [*my api secret*],
);
$timestamp = time();
$signature = Cloudinary::sign_request(
    array(
        "timestamp" => $timestamp,
        "upload_preset" =>  [*my preset requiring signed requests*],
        "folder" => "folder",
        "resource_type" => "image"
    ),
    $options
);

//...Return signature

This creates a signature correctly (as far as I can tell) and returns it to the front end at which point I can call cloudinary.createUploadWidget(...params, function) with the created signature. However, when I open this widget and attempt to upload an image, I get an error "Missing required parameter - api_key". From my understanding, the api key is not needed at all on the front end. It should only be needed on the backend when creating the signature. But I have it on the backend already and it's value (and the cloud name and api secret) are confirmed to be the correct values. What am I missing? Thank you for the help!

Edit: I just added the api key to the front end when creating the cloudinary widget and no longer see the error. Why is the api key needed on the front end? Does this not expose information that should stay confidential?

Answers

  • Vdeub
    Vdeub Member, Cloudinary Staff Cloudinary Staff

    Hi Andrew,

    As mentioned here, you do need to add the api_key when doing a signed upload via the Upload Widget. The api_key and the cloud_name can be set on the frontend as it doesn't present a risk. On the contrary, the api_secret should never be set on the frontend.

    Hope that helps.

    Best,

    Loic