Midden

gloob glorp gloop gleep

API

OpenAPI JSON

Multipart file upload for simple clients:

curl -F file=@example.txt /api/v1/files

Add -F expires=7d to set an optional expiry. When public browse is enabled, add -F visibility=public to list the item.

Create a paste:

curl -H 'content-type: application/json' -d '{"content":"hello","expires":"7d","visibility":"unlisted"}' /api/v1/pastes

List your account items with an API token:

curl -H 'authorization: Bearer TOKEN' /api/v1/me/files
curl -H 'authorization: Bearer TOKEN' /api/v1/me/pastes?q=rust

Manage API tokens:

curl -H 'authorization: Bearer TOKEN' /api/v1/tokens
curl -X DELETE -H 'authorization: Bearer TOKEN' /api/v1/tokens/TOKEN_ID

Claim an anonymous item:

curl -H 'authorization: Bearer TOKEN' -H 'content-type: application/json' \
  -d '{"delete_token":"TOKEN"}' /api/v1/claim/file/abc123

Report an item:

curl -H 'content-type: application/json' -d '{"kind":"file","id":"abc123","reason":"abuse"}' /api/v1/reports

Moderator API examples:

curl -H 'authorization: Bearer TOKEN' /api/v1/admin/reports?state=open
curl -X PATCH -H 'authorization: Bearer TOKEN' -H 'content-type: application/json' \
  -d '{"state":"takedown","visibility":"unlisted","note":"confirmed"}' /api/v1/admin/items/file/abc123

File responses include visibility, optional extracted metadata, optional thumbnail_url, and optional signed internal_url when configured.

Authenticated requests use Authorization: Bearer TOKEN. Tokens are scoped, and admins can disable the API or tighten the use_api action rule in settings. Common scopes include files:read, files:write, files:delete, pastes:read, pastes:write, pastes:delete, reports:write, items:claim, tokens:read, tokens:write, admin:reports, admin:items, and admin:search.