Files in Credentials Portal are attached to individual people. They are stored securely and served through authenticated proxy routes.
List all district files
Returns metadata for all files uploaded in your district.
Example:
curl https://app.credentialsportal.com/api/files \
-H "Authorization: Bearer ck_your_api_key"
[
{
"id": "upl01",
"district_id": "xyz99",
"person_id": "abc12",
"name": "Background Check",
"filename": "background-check.pdf",
"content_type": "application/pdf",
"size": 204800,
"url": "https://app.credentialsportal.com/files/xyz99/upload/abc12/background-check.pdf",
"created_at": 1739577600000
}
]
Upload a file
Uploads a file to the district’s storage and associates it with a person.
Form data:
| Field | Description |
|---|
file | The file to upload (multipart) |
personId | The person to associate the file with |
name | Display name for the file (optional) |
curl -X POST https://app.credentialsportal.com/api/upload \
-H "Authorization: Bearer ck_your_api_key" \
-F "file=@/path/to/document.pdf" \
-F "personId=abc12" \
-F "name=Background Check"
{
"id": "upl02",
"person_id": "abc12",
"name": "Background Check",
"filename": "document.pdf",
"content_type": "application/pdf",
"size": 204800,
"url": "https://app.credentialsportal.com/files/xyz99/upload/abc12/document.pdf",
"created_at": 1741564800000
}
Upload a file for a specific person
POST /api/people/:id/uploads
PATCH /api/files/:uploadId
New display name for the file.
Reassign the file to a different person.
Delete a file
DELETE /api/people/:personId/uploads/:uploadId
curl -X DELETE https://app.credentialsportal.com/api/people/abc12/uploads/upl02 \
-H "Authorization: Bearer ck_your_api_key"
Access file content
Files are served via an authenticated proxy route:
GET /files/:districtId/:type/:personId/:filename
url field returned in file responses points to this route. Include your session token or API key to access protected files.
File URLs are not publicly accessible. All requests to file URLs must include a valid Authorization header.
