Uploader API

ShareX-compatible file uploader and URL shortener that serves files from your own Hep.gg account, authenticated with a per-account bearer token.

Uploader API

The Hep.gg Uploader lets you upload files and shorten URLs to your own Hep.gg account programmatically. It is fully ShareX-compatible: the same POST /upload endpoint that the desktop client uses is a plain HTTP API you can call from curl, a script, or any HTTP library. Uploaded files are served back from your account's configured host (https://i.hep.gg by default), and you can point your own *.hep.gg subdomain or a custom CDN domain at them.

Authentication

Every upload request carries your account's uploader bearer token in the Authorization header. There is no query-string or cookie alternative for programmatic use.

Authorization: <your-token>

The token is matched verbatim against your account's key record, so send it exactly as issued. A Bearer or Token prefix is accepted but not required, all three of these work:

Authorization: hyd-up-xxxxxxxxxxxx
Authorization: Bearer hyd-up-xxxxxxxxxxxx
Authorization: Token hyd-up-xxxxxxxxxxxx

New tokens look like hyd-up-<random>. The token grants full access to your uploader, so treat it like a password.

Where the token comes from

There is no public "create a key" endpoint. You mint, view, and rotate the token from the dashboard: open the Uploader app, go to the Setup / API Keys subpage, and copy the generated token. Rotating the key from that page immediately revokes the old token. See Authentication and keys for the full lifecycle.

Quickstart

Upload a file with one multipart request. The field name does not matter, the first file in the request is used.

curl

curl -X POST https://hep.gg/upload \
  -H "Authorization: hyd-up-xxxxxxxxxxxx" \
  -F "file=@screenshot.png"

node

import { readFileSync } from "node:fs";
 
const form = new FormData();
form.append(
  "file",
  new Blob([readFileSync("screenshot.png")]),
  "screenshot.png",
);
 
const res = await fetch("https://hep.gg/upload", {
  method: "POST",
  headers: { Authorization: "hyd-up-xxxxxxxxxxxx" },
  body: form,
});
const { ID, url } = await res.json();
console.log(url); // https://i.hep.gg/abc123.png

Response:

{
  "ID": "abc123.png",
  "url": "https://i.hep.gg/abc123.png"
}

What is in these docs

Authentication and keys

Where the bearer token comes from, header formats, and rotation.

Uploading files

POST /upload, multipart files, limits, and error codes.

URL shortener

Shorten links and store text snippets via the link field.

Serving and embeds

GET /

, custom domains, oEmbed, and social embeds.

Uploader API

Uploader API#

Authentication#

Where the token comes from#

Quickstart#

What is in these docs#

Uploader API

Authentication

Where the token comes from

Quickstart

What is in these docs