Shares โ
External, token-based access links to Assets or Folders. A share lets you grant a third party (a client, a customer, an anonymous recipient) time-limited or password-protected access to a store object without giving them an S-Launch account.
Scopes โ
| Scope | Reach |
|---|---|
store:read | Listing, reading, downloading shares; checking filters. |
store:write | Updating, patching, deleting share records. |
store:share | Creating share links and emailing them. |
| (none) | POST /api/share/get_access โ used by unauthenticated recipients to redeem a share. |
The store:share scope is intentionally separate from store:write: a role can be allowed to modify share metadata without being allowed to mint new external links.
Endpoints โ
Create Share โ
POST /api/share/
Creates a new share record targeting an asset or folder, returning the share's token and access URL.
Required scope: store:share
Request body โ ShareWriteCreate
Response 201 โ ShareReadCreate
List Shares โ
GET /api/share/
Returns a page of share records.
Required scope: store:read ยท also accepts API key
Query parameters โ standard pagination set; see Conventions โบ Pagination. Defaults: sort_by=created, sort_order=desc, hydrate=true.
Response 200 โ ShareInDbCursorPage
Get Share Filter Metadata โ
GET /api/share/filters
Returns the filter/operator/sort options accepted by List Shares.
Required scope: store:read
Response 200 โ open metadata object.
Get Share by ID โ
GET /api/share/{id}
Returns a single share record (the owner's view โ includes statistics, expiry, recipients).
Required scope: store:read ยท also accepts API key
Path parameters
| Name | Type | Required | Description |
|---|---|---|---|
id | string | yes | Share ID. |
Response 200 โ ShareRead
Update Share by ID โ
PUT /api/share/{id}
Replaces the share's mutable metadata (expiry, password, allowed recipients, etc.).
Required scope: store:write
Path parameters
| Name | Type | Required | Description |
|---|---|---|---|
id | string | yes | Share ID. |
Request body โ ShareWriteReplace
Response 200 โ ShareRead
Patch Share โ
PATCH /api/share/{id}
Partial share metadata update.
Required scope: store:write
Path parameters
| Name | Type | Required | Description |
|---|---|---|---|
id | string | yes | Share ID. |
Request body โ ShareWriteUpdate
Response 200 โ ShareRead
Delete Share by ID โ
DELETE /api/share/{id}
Revokes the share โ its token immediately stops resolving.
Required scope: store:write
Path parameters
| Name | Type | Required | Description |
|---|---|---|---|
id | string | yes | Share ID. |
Response 204 โ empty.
Get Access to Share โ
POST /api/share/get_access
The recipient-facing endpoint. Anonymous (unauthenticated) callers submit the share token plus any required password to obtain a time-limited access response.
Required scope: none
Request body โ ShareAccessRequest โ the token and optional password.
Response 200 โ ShareAccessResponse
TIP
This is the only Shares endpoint reachable without authentication. Treat it as a public surface โ never expose owner-side share IDs through it; this endpoint operates on the opaque share token only.
Download Share by Token โ
GET /api/share/download/{token}
Downloads the underlying asset or folder via the share token. Honors any access restrictions configured on the share (expiry, max downloads, etc.).
Required scope: store:read โ note that recipient flows typically pair this with Get Access to Share first to obtain a short-lived credential; consult your tenant's specific share-redemption pattern.
Path parameters
| Name | Type | Required | Description |
|---|---|---|---|
token | string | yes | Share token. |
Response 200 โ binary stream of the underlying object.
Send Share Email โ
POST /api/share/send_email
Emails the share link to one or more recipients. The server formats the message using the active mail template.
Required scope: store:share
Request body โ ShareEmailRequest
Response 200 โ confirmation payload.
See also โ
- Assets and Folders โ what a share points at.
- Mail Templates โ the template used when Send Share Email runs.
- Asset Store โบ Workflow โ end-to-end upload + share example.