# Create a new Template Credential POST`https://api2.transloadit.com/template_credentials` ###### Warning This endpoint requires your Auth Key to have the `template_credentials:write` scope. ## POST fields * Passing `signature` is required. For more information, please check [Signature Authentication](/docs/api/authentication.md). * Passing `params` is required. It should contain a JSON encoded object with the keys as shown in the table below. ## Supported keys inside the `params` field * ### `auth` β€” **required** `object`\ Contains at least your Transloadit Auth Key in the `key` property.\ If you enable Signature Authentication, you must also set an expiry date for the request in the expires property:\ ![](/_next/static/media/copy.04p1cju9qekk_.svg?dpl=dpl_CtwzFbHWtqiCy9uvWb9fE7WvfP9N) ```jsonc { "key": "23c96d084c744219a2ce156772ec3211", "expires": "2009-08-28T01:02:03.000Z" } ``` We strongly recommend including the `nonce` property β€” a randomly generated, unique value per request that prevents duplicate processing upon retries, can aid in debugging, and avoids attack vectors such as signature key reuse:\ ![](/_next/static/media/copy.04p1cju9qekk_.svg?dpl=dpl_CtwzFbHWtqiCy9uvWb9fE7WvfP9N) ```jsonc { // … "nonce": "04ac6cb6-df43-41fb-a7fd-e5dd711a64e1" } ``` The `referer` property is a regular expression to match against the HTTP referer of this upload, such as `"example\.org"`. Specify this key to make sure that uploads only come from your domain.\ Uploads without a referer will always pass (as they are turned off for some browsers) making this useful in just a handful of use cases. For details about regular expressions, see [Mozilla's RegExp documentation](https://developer.mozilla.org/docs/Web/JavaScript/Reference/Global%5FObjects/RegExp).\ The `max_size` property can be used to set a maximum size that an upload can have in bytes, such as `1048576` (1 MB). Specify this to prevent users from uploading excessively large files.\ This can be set as part of the Assembly request or as part of the Template.\ The file size is checked as soon as the upload is started and if it exceeds the maximum size, the entire upload process is canceled and the Assembly will error out, even if it contains files that do not exceed the `max_size` limitation.\ If you want to just ignore the files that exceed a certain size, but process all others, then please use [πŸ€–/file/filter](/docs/robots/file-filter.md). * ### `name` β€” **required** `string`\ Name of the Template Credentials. Must be longer than 3 characters, can only contain dashes and latin letters. * ### `type` β€” **required** `ai | azure | backblaze | cloudflare | companion | digitalocean | dropbox | 13 more ↓`\ The service to create credentials for. * ### `content` β€” **required** `object`\ Key and value pairs which fill in the details of the Template Credentials. For example, for an S3 bucket, this would be a valid content object to send:\ ![](/_next/static/media/copy.04p1cju9qekk_.svg?dpl=dpl_CtwzFbHWtqiCy9uvWb9fE7WvfP9N) ```jsonc { "content": { "key": "xyxy", "secret": "xyxyxyxy", "bucket" : "mybucket.example.com", "bucket_region": "us-east-1" } } ``` ## Response Here’s an example response body: ![](/_next/static/media/copy.04p1cju9qekk_.svg?dpl=dpl_CtwzFbHWtqiCy9uvWb9fE7WvfP9N) ``` { "ok": "TEMPLATE_CREDENTIALS_CREATED", "message": "Your Template Credentials were successfully created.", "credentials": { "id": "ca7644b763c848e6af4f4ccf3eaea622", "account_id": "xxx", "name": "example", "type": "s3", "created": "2022-09-20T10:31:30.000Z", "modified": "2022-09-20T10:31:30.000Z", "deleted": null, "content": { "key": "xyxy", "secret": "xyxyxyxy", "bucket": "mybucket.example.com", "bucket_region": "us-east-1" }, "stringified": "{\"key\":\"xyxy\",\"secret\":\"xyxyxyxy\",\"bucket\":\"mybucket.example.com\",\"bucket_region\":\"us-east-1\"}" } } ``` On success this request returns a JSON response with the success code `TEMPLATE_CREDENTIALS_CREATED`, a small message, as well as the details of the credential you have created. On error it contains a JSON response including an `error` field that contains an error status code and a `reason` field that contains details on what went wrong.