Delete an attachment
Removes an attachment from storage. The first path segment must equal the caller's company_id.
Authorization
bearerAuth Supabase JWT bearer token for dashboard / user-scoped endpoints. Role-derived scopes: ROOT/ADMIN → full admin; USER → read-only treasury.
In: header
Query Parameters
1 <= lengthResponse Body
application/json
application/json
application/json
application/json
application/json
curl -X DELETE "https://loading/v1/auth/attachments/?path=string"{
"success": true,
"timestamp": "2019-08-24T14:15:22Z",
"data": null,
"message": "string",
"pagination": {
"total": 0,
"limit": 1,
"offset": 0,
"has_more": true,
"cursors": {
"first": "string",
"last": "string"
}
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}Upload an attachment
Multipart upload. Required fields: `file` (binary), `context` (e.g. `treasury_transaction`), `sessionId` (caller-provided grouping key). Limits: 10MB, MIME in {application/pdf, image/jpeg, image/png, image/webp}. Returns `{path, name, size, type, context}`.
Generate a signed URL for an attachment
Returns a 1-hour signed URL for the given storage path. Ownership is enforced by checking that the first path segment matches the caller's company_id.