Skip to main content
POST
/
api
/
instance
/
s3
/
:instance
Update S3
curl --request POST \
  --url https://api.example.com/api/instance/s3/:instance \
  --header 'Content-Type: <content-type>' \
  --header 'token: <token>' \
  --data '
{
  "enabled": true,
  "region": "<string>",
  "bucket": "<string>",
  "accessKey": "<string>",
  "secretKey": "<string>",
  "endpoint": "<string>",
  "pathPrefix": "<string>"
}
'

Documentation Index

Fetch the complete documentation index at: https://docs.ryzeapi.cloud/llms.txt

Use this file to discover all available pages before exploring further.

Auth: TokenAccount or TokenInstanceRate-limit: Global (100/min) • Idempotent: yes

Description

Configures the S3 storage of the instance. secretKey is encrypted at-rest and never returned. For S3-compatible storage (MinIO, Backblaze, DO Spaces), fill endpoint with the URL.

Examples

AWS S3

Points storage to official AWS S3: bucket ryzeapi-media in us-east-1, with endpoint empty to use AWS’s default domain and prefix media/myinstance/ to isolate the files. 
curl -X POST "https://ryzeapi.cloud/api/instance/s3/my-instance" \
  -H "token: $Token_Instance" \
  -H "Content-Type: application/json" \
  -d '{
    "enabled": true,
    "region": "us-east-1",
    "bucket": "ryzeapi-media",
    "accessKey": "AKIA...",
    "secretKey": "secret-redacted",
    "endpoint": "",
    "pathPrefix": "media/myinstance/"
  }'

Self-hosted MinIO

Same format as AWS, but with endpoint pointing to an internal MinIO (https://minio.internal.company.com). The same pattern works for DigitalOcean Spaces, Backblaze B2, and other S3-compatible storage. 
curl -X POST "https://ryzeapi.cloud/api/instance/s3/my-instance" \
  -H "token: $Token_Instance" \
  -H "Content-Type: application/json" \
  -d '{
    "enabled": true,
    "region": "us-east-1",
    "bucket": "whatsapp",
    "endpoint": "https://minio.internal.company.com",
    "accessKey": "minioadmin",
    "secretKey": "minioadmin",
    "pathPrefix": "ryzeapi/"
  }'

Disable

Sends only enabled: false to disable the storage and delete the credentials from the database. To re-enable later, all fields must be sent again. 
curl -X POST "https://ryzeapi.cloud/api/instance/s3/my-instance" \
  -H "token: $Token_Instance" \
  -H "Content-Type: application/json" \
  -d '{"enabled":false}'

Success response

200 OK
{
  "success": true,
  "message": "S3 configuration updated",
  "s3": {
    "enabled": true,
    "region": "us-east-1",
    "bucket": "ryzeapi-media",
    "accessKey": "AKIA...",
    "endpoint": "",
    "pathPrefix": "media/myinstance/"
  }
}
secretKey does not appear in the response, the server never returns the key in plaintext.

Path parameters

instance
string
required
Instance name.

Headers

token
string
required
TokenAccount or TokenInstance.
Content-Type
string
required
application/json.

Request body

enabled
boolean
required
Enables/disables the instance S3. false clears all fields.
region
string
Region (e.g., us-east-1).
bucket
string
Bucket name (must exist; no creation is performed).
accessKey
string
Access Key ID.
secretKey
string
Secret Access Key. Encrypted at-rest.
endpoint
string
Custom endpoint (MinIO, DO Spaces, Backblaze). Empty for official AWS S3.
pathPrefix
string
Path prefix (e.g., media/myinstance/).

Notes

There is no credential testing. The endpoint saves the config without validating whether the bucket exists or whether the credentials work, the error only appears when the next media upload tries to authenticate (visible in the server logs).
Disabling (enabled=false) deletes the credentials from the database. To re-enable later, all fields must be sent again.

Errors

HTTPerror.messageWhen
400Invalid request bodyMalformed JSON.
401Invalid tokenToken missing or invalid.
404Instance not foundName does not exist.
429Rate limit exceeded. Try again later.More than 100 req/min.
500Failed to update S3 configurationDatabase error.
{
  "success": false,
  "error": {
    "message": "Failed to update S3 configuration"
  }
}