Resource API Overview
Use the Imgwire Resource API to manage the resources behind your image workflow: images, browser upload origins, custom domains, upload tokens, bulk downloads, and usage metrics.
Overview
The Resource API is the management API for an Imgwire Environment. It complements the CDN transformation API: the Resource API creates and manages resources, while CDN URLs deliver and transform images.
The public API base URL is:
https://api.imgwire.dev
Resource API endpoints are under /api/v1.
Authentication
Most Resource API operations require a Server API Key:
Authorization: Bearer <SERVER_API_KEY>
Server API Keys are environment-scoped and must stay in trusted backend, local, or CI environments. Do not expose a Server API Key in browser code, mobile apps, public static bundles, or client-side examples.
Some image upload operations also support Client Keys:
| Operation | Client Key support |
|---|---|
| Create standard upload | Supported for browser/mobile upload flows |
| Get image by ID | Supported |
| List, delete, bulk delete, URL upload, upload tokens, CORS origins, custom domain, metrics | Use a Server API Key |
When you authenticate with a dashboard user session or OAuth-linked agent instead of an environment-scoped API key, include the target Environment:
X-Environment-Id: <ENVIRONMENT_ID>
Resource areas
| Area | What it manages |
|---|---|
| Images | Image records, presigned uploads, URL ingestion, upload tokens, deletes, bulk deletes, and bulk downloads |
| CORS Origins | Browser origins allowed to use Client Keys for direct upload requests |
| Custom Domain | The custom delivery domain for an Environment |
| Metrics | Uploads, transformations, requests, transfer, cache hit ratio, and storage metrics |
| API Reference | Interactive endpoint reference generated from Imgwire's OpenAPI schema |
How Resource API workflows fit together
A typical backend integration uses the Resource API to create uploads, issue upload tokens for signed frontend uploads, ingest generated images from remote URLs, and inspect image records after processing.
A browser upload integration usually starts with a Client Key. If the Client Key allows unsigned uploads, the browser can create standard uploads directly. If the Client Key requires signed uploads, your backend creates an upload token with the Resource API and returns that short-lived token to the client.
For production browser uploads, configure CORS Origins so known origins can use your Client Keys. If an Environment has no CORS origins configured, any browser origin can attempt uploads with a valid Client Key for that Environment.
Example request
curl https://api.imgwire.dev/api/v1/images/?limit=20 \
-H "Authorization: Bearer $IMGWIRE_API_KEY"
Paginated list endpoints return pagination metadata in response headers:
| Header | Meaning |
|---|---|
X-Total-Count | Total matching items |
X-Page | Current page |
X-Limit | Page size |
X-Prev-Page | Previous page number, or null |
X-Next-Page | Next page number, or null |
Best practices
- Keep Server API Keys in trusted backend, local, or CI environments only.
- Use Client Keys only for frontend upload and image lookup flows that are safe for public clients.
- Configure CORS origins before relying on Client Keys from production browser apps.
- Store image IDs when you need to retrieve, delete, bulk download, or transform images later.
- Use
idempotency_keyon upload creation when retrying the same logical upload. - Use the REST API Reference for the exact request and response schema when implementing against HTTP directly.
Related pages
Last updated at: May 9, 2026