routefile
Open dashboard →

For developers

RouteFile REST API

JSON over HTTPS, bearer-token auth, resumable multipart uploads. Upload a file, mint a share link, audit downloads — three calls.

Endpoints

REST API
Account, objects, shares, keys. Bearer-token auth.
https://api.routefile.com
Public delivery
Where recipients land when they click a share link.
https://share.routefile.com
S3-compatible API coming soon. A drop-in endpoint for aws-sdk, boto3, rclone, and mc is on the roadmap — not built yet. Email us to join the early-access list.

60-second quickstart

  1. 1. Create a scoped API token

    Settings → enable Developer mode → API tokens → Create. Pick Write-only + a 90-day expiry for CI tokens so a leaked secret can't delete your releases or be replayed forever.

  2. 2. Upload from your terminal
    export ROUTEFILE_TOKEN="rf_..."

# Initiate a multipart upload, then PUT the file body, then complete.
# Returns { object: { id, ... } } on success.
curl -X POST https://api.routefile.com/v1/uploads \
  -H "authorization: Bearer $ROUTEFILE_TOKEN" \
  -H "content-type: application/json" \
  -d '{ "filename": "build.tar.gz", "size_bytes": 1234567, "region": "WEUR" }'
  3. 3. Or upload from Node
    import { readFileSync } from "node:fs";

const TOKEN = process.env.ROUTEFILE_TOKEN!;
const file = readFileSync("./build.tar.gz");

// 1. Initiate
const init = await fetch("https://api.routefile.com/v1/uploads", {
  method: "POST",
  headers: { authorization: `Bearer ${TOKEN}`, "content-type": "application/json" },
  body: JSON.stringify({ filename: "build.tar.gz", size_bytes: file.length, region: "WEUR" }),
}).then(r => r.json());

// 2. Stream to upload URL the API returned
await fetch(init.upload_url, { method: "PUT", body: file });

// 3. Complete
const obj = await fetch(`https://api.routefile.com/v1/uploads/${init.upload_id}/complete`, {
  method: "POST", headers: { authorization: `Bearer ${TOKEN}` },
}).then(r => r.json());
  4. 4. Mint a share link
    curl -X POST https://api.routefile.com/v1/shares \
  -H "authorization: Bearer $ROUTEFILE_TOKEN" \
  -H "content-type: application/json" \
  -d '{
    "object_id": "obj_01abc...",
    "recipient_email": "alice@example.com",
    "note": "Q4 deck",
    "expires_at": "2026-06-01T00:00:00Z"
  }'

GitHub Action

Private beta

Drop into any release workflow. Uploads the file, mints a share link, exposes the URL as a step output. Bearer-token auth on the upload endpoint is on the roadmap; email us to join the early-access cohort.

- uses: routefile/upload-action@v1
  id: upload
  with:
    file: ./dist/myapp-${{ github.ref_name }}.tar.gz
    token: ${{ secrets.ROUTEFILE_TOKEN }}
    create-share: 'true'
    share-expires-in: '90'

- run: gh release edit ${{ github.ref_name }} --notes "Download: ${{ steps.upload.outputs.share-url }}"
  env: { GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} }

REST surface (v1)

All endpoints take Authorization: Bearer <token>.

  • GET /v1/account
  • GET /v1/usage
  • GET /v1/objects · /v1/objects/:id
  • DELETE /v1/objects/:id
  • GET /v1/shares
  • POST /v1/shares
  • PATCH /v1/shares/:id
  • DELETE /v1/shares/:id
  • GET /v1/events
  • GET /v1/keys
  • POST /v1/keys
  • DELETE /v1/keys/:id

On the roadmap

  • S3-compatible API (SigV4 auth, ListBucket / Put / Get / Delete / multipart)
  • Official rf CLI (Homebrew / curl-pipe-sh / scoop)
  • Prefix-bound scoped tokens (write-only + expiry already shipped)
  • Resumable uploads via tus.io for long network swaps
  • Webhook signing + retry-with-backoff delivery log
  • Custom domains for share links and portals

Want one of these sooner? Tell us.

HomeTermsPrivacy