Error message "Missing required parameter - api_key"
I'm attempting to do a signed upload using the Cloudinary widget. I'm creating a signature for the request on the backed in PHP using the PHP Cloudinary SDK. My backend signing code is:
$options = array( "cloud_name" => [*my cloud name*], "api_key" => [*my api key*], "api_secret" => [*my api secret*], ); $timestamp = time(); $signature = Cloudinary::sign_request( array( "timestamp" => $timestamp, "upload_preset" => [*my preset requiring signed requests*], "folder" => "folder", "resource_type" => "image" ), $options ); //...Return signature
This creates a signature correctly (as far as I can tell) and returns it to the front end at which point I can call cloudinary.createUploadWidget(...params, function) with the created signature. However, when I open this widget and attempt to upload an image, I get an error "Missing required parameter - api_key". From my understanding, the api key is not needed at all on the front end. It should only be needed on the backend when creating the signature. But I have it on the backend already and it's value (and the cloud name and api secret) are confirmed to be the correct values. What am I missing? Thank you for the help!
Edit: I just added the api key to the front end when creating the cloudinary widget and no longer see the error. Why is the api key needed on the front end? Does this not expose information that should stay confidential?
Answers
-
Hi Andrew,
As mentioned here, you do need to add the
api_key
when doing a signed upload via the Upload Widget. Theapi_key
and thecloud_name
can be set on the frontend as it doesn't present a risk. On the contrary, theapi_secret
should never be set on the frontend.Hope that helps.
Best,
Loic
0