Documentation
Examples
Model API Reference
SDK Reference
Platform API
Changelog- File ACLs - Read and replace the Access Control List of a CDN file to make it public, restrict it, or grant access to specific users
- Signed URLs - Mint time-limited URLs that grant temporary access to access-restricted files (valid up to 7 days)
- Account storage settings - Configure account-wide defaults for newly uploaded files, including auto-expiration and the initial ACL
Available Operations
The Platform APIs provide the following endpoints for Storage:Get File ACL
Retrieve the Access Control List currently applied to a fal CDN file
Set File ACL
Replace the Access Control List of a fal CDN file with a default decision and
optional per-user rules
Sign File URL
Create a signed URL that grants temporary access to a file regardless of its
ACL
Get Storage Settings
Read the account-level lifecycle settings applied to newly uploaded files
Update Storage Settings
Replace the account-level defaults for auto-expiration and the initial ACL of
new uploads
Access Control Lists
A file ACL is composed of a default decision plus optional per-user rules that override the default:allow- access is grantedforbid- access is denied (the file returns an error)hide- access is denied and the file is treated as if it does not exist
default to allow with no rules makes a file public. Using forbid or
hide restricts the file to only the users named in the rules.
Rules that reference users who do not exist are dropped. The response always
reflects the ACL actually applied, so verify it contains the rules you sent.
Authentication
All Storage endpoints require authentication. Include your API key in theAuthorization header:
| Operation | Required permission |
|---|---|
| Get file ACL / Sign file URL | assets:read |
| Set file ACL | assets:write |
| Get storage settings | account:settings:read |
| Update storage settings | account:settings:write |