May 15, 2013

Boosting security with Notification Signatures

Tim Koschützki

Co-founder · Berlin, Germany · Show bio ·

We have added support for more secure Notifications.

When we've encoded your media, we send a Notification to your notify_url. All the Assembly data was posted inside the transloadit field.

Starting today, this POST also contains a signature field. This field contains a hash that we calculate based on the Assembly data at hand, and your account's secret key.

Only you have this key, so you could perform the same calculation, and then know it really was Transloadit who sent you this exact data, before deciding to trust, and act on it.

Code examples for calculating the signature yourself can be found here.

#assembly #workflow

What is Transloadit

Transloadit is a file uploading & encoding service for developers. Customers from 135 different countries, such as Coursera and The New York Times, have been loving our clever API, reliability, and fantastic customer support since we launched in 2009. We recently celebrated our one hundred fiftieth petabyte encoded. That's 150 million gigabytes. As the first company to run Node.js in production, our founders have shaped much of its early ecosystem. Transloadit also built Uppy and Tus, two open source projects that are redefining how people share files on the internet, and is donor to 13 other open source projects. We offer a free plan with 5GB of monthly traffic included, and an additional free service for students, teachers, open source projects, and charities. Sign up today and discover the power of our platform.

Join 20k+ developers

What is Transloadit