Skip to content

Buckets

Each RGW user owns one or more buckets. Buckets are S3-compatible and support standard object operations, ACLs, and presigned URLs.

List buckets

GET /rgw/users/{user_id}/buckets
Authorization: Bearer <token>

Returns an array of bucket objects. Each entry includes the bucket name, owner ID, and creation timestamp. When the user has no buckets, an empty array is returned.

Show a bucket

GET /rgw/users/{user_id}/buckets/{bucket_id}
Authorization: Bearer <token>

Returns metadata for a single bucket.

Delete a bucket

DELETE /rgw/users/{user_id}/buckets/{bucket_id}
Authorization: Bearer <token>

Deletes the bucket. The bucket must be empty; the API returns an error if any objects remain. To remove all objects first, see Delete an RGW user with purge or delete objects individually using the object endpoints before calling this.

Returns 204 No Content on success.

Bucket ACL

Get ACL

GET /rgw/users/{user_id}/buckets/{bucket_id}/acl
Authorization: Bearer <token>

Returns the bucket's ACL as a JSON object.

Set ACL

PUT /rgw/users/{user_id}/buckets/{bucket_id}/acl
Authorization: Bearer <token>
Content-Type: application/json

{ "acl": "private" }

Valid canned ACL values: private, public-read, public-read-write, authenticated-read.

Objects

List objects

GET /rgw/users/{user_id}/buckets/{bucket_id}/objects
Authorization: Bearer <token>

Optional query parameter prefix filters to keys with that prefix (useful for pseudo-folder navigation in the file browser).

Upload an object

POST /rgw/users/{user_id}/buckets/{bucket_id}/objects
Authorization: Bearer <token>

Multipart upload. The dashboard file browser uses this endpoint.

Download an object

GET /rgw/users/{user_id}/buckets/{bucket_id}/objects/download?key=path/to/object
Authorization: Bearer <token>

Returns the object content as application/octet-stream.

Object metadata

GET /rgw/users/{user_id}/buckets/{bucket_id}/objects/metadata?key=path/to/object
Authorization: Bearer <token>

Returns content-type, size, ETag, and any user-defined metadata.

Presigned upload URLs

Generate a time-limited presigned URL that allows a client to upload a single object directly to RGW without a proxy hop through the API:

POST /rgw/users/{user_id}/buckets/{bucket_id}/objects/upload_url
Authorization: Bearer <token>
Content-Type: application/json

{
  "key": "uploads/report-2026.pdf"
}

Response:

{
  "url": "https://storage.muc1.de.bnerd.com/my-bucket/uploads/report-2026.pdf?X-Amz-Signature=..."
}

The client can PUT the file body directly to url without any additional headers. The URL expires after a short window (typically 15 minutes).

File browser

The dashboard includes a web-based file browser that lists buckets and objects, supports drag-and-drop uploads (via presigned URLs), and allows downloading and deleting individual objects. The file browser uses the same API endpoints described on this page.