---
title: Hep.gg Uploader (LLM)
description: ShareX-compatible file uploader and the /:id file serve, authed with a per-user ShareX token.
---

# Hep.gg Uploader

ShareX-compatible file uploader. Authentication is a per-user ShareX token.

Base URL: https://hep.gg
Auth: Authorization: Bearer <token> header on /upload (your ShareX token; not a
session cookie). The "Bearer " prefix, a "Token " prefix, or the raw token are
all accepted. Tokens are minted in the dashboard and are static per account.

Files are served from your serve host (default https://i.hep.gg), your *.hep.gg
subdomain, or a custom domain you have configured.

## Endpoints

### POST /upload
Upload a file or shorten a link. Form-data (multipart):
  file        multipart file       one of file/link required
  link        string               one of file/link required (shortlink target)

Response (always JSON): { "ID": "<id>", "url": "https://<your-serve-host>/<id>" }

Limits:
  - 240 requests/min per user (HTTP 429 with Retry-After when exceeded).
  - File size and MIME type are gated by your account's allowed-types list; an
    oversize stream returns 413 and a disallowed type returns 400.

This endpoint predates the { ok, data } envelope and returns the shape above.

### GET /:ID
File serve / shortlink redirect. Increments the view count. 404 if nothing
matches. A shortlink issues a 302 to its target.

### GET /uploadCounter
Public lifetime upload count: { "count": <int> }. No auth. Legacy shape (no
envelope).

## Errors (POST /upload)
  400  bad request (no file/link, or a Content-Type your account does not allow).
  401  token missing or revoked.
  403  maintenance window, or uploader access suspended (Forbidden / ACCESS_REQUIRED).
  413  uploaded stream over your size limit.
  429  rate limited; honor Retry-After (seconds).

### Example
curl -X POST https://hep.gg/upload \
  -H "Authorization: Bearer hyd-up-xxxxxxxxxxxx" \
  -F "file=@./screenshot.png"

## Hep.gg dashboard (cookie auth - not for programmatic use)
  GET    /api/v1/me                            (account)
  POST   /api/v1/me/token/regenerate           (rotate ShareX bearer)
  GET    /api/v1/uploads?type=files|links|all&page=&limit=&sort=
  PATCH  /api/v1/uploads/:contentID            { alias?, favourite? }
  DELETE /api/v1/uploads/:contentID