There's a new version of the HubSpot API

As of November 30, 2022, HubSpot API Keys are being deprecated and are no longer supported. Continued use of HubSpot API Keys is a security risk to your account and data. Your API Keys could be deactivated at any time after Nov. 30th, and we recommend that you migrate to Private Apps as soon as possible so you do not lose business-critical functionality.

Get a signed URL for a private file

Last updated October 5, 2020

GET /filemanager/api/v3/files/:fileId/signed-url

Method Details

HTTP Methods:

GET

Response Format:

json

Requires Authentication?

Yes

Rate Limited?

Yes

Headers

User-Agent

Products:

Marketing & CRM

Required Scope:

files

Get the details for a private file. The details will include a signed URL that can be used to retrieve the contents of the file.

Private files cannot be access using their URL alone. The signed URL returned by this endpoint can be used to get temporary access to the file contents.

Notes:
  • When using OAuth for your authentication, files that are both private and hidden cannot be accessed without the files.ui_hidden.read scope. See the details below.
  • The signed URL will only be valid for a few hours, after which the URL will result in an error. At this point, you would need to request a new signed URL to access the file again. The expiresAt field in the response is a UNIX-formatted timestamps in milliseconds that represents the time that the URL will expire.
Required Parameters How to use Description
OAuth Access Token or API Key Authorization: Bearer {token} header or hapikey={key} query parameter. Used to authenticate the request. Please see this page for more details about authentication.

Scopes and hidden files

When using an OAuth access token, the files.ui_hidden.read scope will be required to get a signed URL for any files that are set to hidden. Hidden files are not visible in the files tool in HubSpot, and would include files such as files attached to CRM records.

If a file is hidden, and the access token does not have the files.ui_hidden.read scope, a 404 error will be returned.

API keys will be able to access private and hidden files without restriction.