upload

user.file.upload

Uploads a binary file into the caller’s private vault. Content is encrypted with a vault-scoped DEK and stored in MinIO.

Auth

Bearer JWT + unsealed vault.

Input

input FileUploadInput {
    label: String!
    file: Upload!    # GraphQL multipart spec
}

GraphQL multipart

File upload uses the GraphQL multipart request spec. You send a multipart POST with three parts:

  1. operations — a JSON blob containing { query, variables }, with the file variable set to null.
  2. map — a JSON blob mapping file-part names to the null variable location, e.g. { "0": ["variables.input.file"] }.
  3. 0 — the actual file data.

curl (minimal)

curl -X POST https://api.test.geena.eu/graphql \
  -H "Authorization: Bearer $TOKEN" \
  -F operations='{"query":"mutation($input: FileUploadInput!) { user { file { upload(input: $input) { id label fileName } } } }","variables":{"input":{"label":"ID scan","file":null}}}' \
  -F map='{"0":["variables.input.file"]}' \
  -F 0=@/path/to/passport.pdf

Response

{
  "data": {
    "user": {
      "file": {
        "upload": { "id": "a1b2...", "label": "ID scan", "fileName": "passport.pdf" }
      }
    }
  }
}
Warning

This GraphQL path is meant for small-to-medium files. For large transfers prefer the HTTP streaming endpoints — those bypass the GraphQL handler’s body buffer.