Signed Url

Signed Url provides you the ability to determine who can view your images and until when.
You can use it to lock folders that contain private images. Then you can allow specific clients to reach locked images within the time period you defined.
You specify that client with their IP address.

After logging into image4io console, you can find Signed Url in Security tab.
You must be on our Business Plan to use Signed Url.
Follow these steps to lock your files with Signed Url:

1.  Login to image4io console

2.  Go to Security > Signed Url

3.  You will need your Signing Key for next step. In order to produce it, fill the bottom field with the path of folder that you want to lock (if multiple folders, write other ones after new line), enable Signed Url from top right
corner and click to "Save" button. Afterwards, your signing key will be produced. The specified folder is locked and outer access is blocked now. A token is required to reach images in that folder.

4.   Create your JSON object. JSON format must be like the following:
{
"client_ip":"123.123.123.123",
"protocol":"https",
"expire":"1609459200"
}
client_ip is the ip address of the allowed client.
protocol can be http or https
expire is last time that an allowed client can reach until. It is in epoch. Epoch (or Unix time or POSIX time or Unix timestamp) is the number of seconds that have elapsed since January 1, 1970.)

You can leave JSON values empty if you do not want to restrict access by that value. Note that at least one value must be given.
The token which is generated with JSON above, allows any one using any protocol can display image until 1 January 2021 00:00:00.

5.   Generate the token. Token is generated with using Blowfish chiper algorithm. To generate the token, encrypt your JSON with your signing key. JSON must be in string form. Your signing key is secret key:

There is a token generator in Signed Url page. That is for you to compare the token you generated.
Important: Tokens do not have to be identical. A different spacing or new line is going to change the token. But no problem, since we decrypt the token and get the JSON you encrypted, your token will also work.
If you use image4io SDK, the token that you generate will be the identical with token generator page in the console.

6.   Put the token to your image urls as the query parameter with the key of "token".

Final form of the url must be like:
`img/signedurltest/signed-url-token.png?token=3DF8326C46C656B87FF9615372CB12BC8EFBF5EC74AAA4C5096156DD79E2EC4EA2F06A18CE6188E7E318CA641F455877`