APIAccount & operationsAttachments
Generate a signed URL for an attachment
Returns a 1-hour signed URL for the given storage path. Ownership is enforced by checking that the first path segment matches the caller's company_id.
Authorization
bearerAuth AuthorizationBearer <token>
Supabase JWT bearer token for dashboard / user-scoped endpoints. Role-derived scopes: ROOT/ADMIN → full admin; USER → read-only treasury.
In: header
Query Parameters
path*string
Length
1 <= lengthResponse Body
application/json
application/json
application/json
application/json
application/json
curl -X GET "https://loading/v1/auth/attachments/sign?path=string"{
"success": true,
"timestamp": "2019-08-24T14:15:22Z",
"data": null,
"message": "string",
"pagination": {
"total": 0,
"limit": 1,
"offset": 0,
"has_more": true,
"cursors": {
"first": "string",
"last": "string"
}
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}{
"success": false,
"timestamp": "2019-08-24T14:15:22Z",
"error": {
"code": "string",
"message": "string",
"details": null
}
}Delete an attachment
Removes an attachment from storage. The first path segment must equal the caller's company_id.
Preview checkout branding
Render a server-side HTML snapshot of the checkout surface with the provided (unsaved) branding applied. Pass the current draft branding from the editor. Result is cached for 60 seconds per unique payload.