Skip to main content
Upload a binary image to the Binarly Transparency Platform for security analysis. The upload process uses a secure, three-step workflow involving a pre-signed URL.
1

Generate Upload URL

Obtain a secure, time-limited pre-signed URL for uploading your firmware binary.
2

Upload a Binary

Upload your file directly to the provided pre-signed URL.
3

Finalize Upload

Notify the platform that the upload is complete to trigger the security analysis.

Step 1: Generate Upload URL

Call this endpoint to receive a temporary upload URL and a unique file ID. 
# Replace ${BINARLY_PRODUCT_ID} with your product ID
curl -H "Authorization: Bearer ${TOKEN}" \
  "${BINARLY_API_URL}/api/v4/products/${BINARLY_PRODUCT_ID}/tempFiles:generateUploadUrl"

Response

The response contains the uploadUrl for the next step and an id to identify the file. 
{
  "id": "01ABC123DEF456...",
  "uploadUrl": "https://storage.googleapis.com/..."
}

Step 2: Upload a Binary

Upload your binary file to the uploadUrl obtained in Step 1. Use a PUT request with the binary content. 
# Upload the file binary to the pre-signed URL
curl -X PUT --data-binary @"path/to/firmware.bin" "${UPLOAD_URL}"
This request does not require the Authorization header, as the URL itself is signed.

Step 3: Finalize Upload

Once the binary upload is successful (HTTP 200), call this endpoint to finalize the process and start the scan.

request

tempFileId
string
required
The id received from Step 1.
imageName
string
required
A human-readable name for the binary image.
version
string
The binary file version string (e.g., “1.0.0”).
file
file
required
The binary file. Required by the API even when using tempFileId (content is taken from pre-signed upload).
# Finalize the upload using tempFileId from Step 1
curl -X POST \
  -H "Authorization: Bearer ${TOKEN}" \
  -F "tempFileId=${TEMP_FILE_ID}" \
  -F "imageName=My Firmware Image" \
  -F "version=1.0.0" \
  -F "file=@./firmware.bin" \
  "${BINARLY_API_URL}/api/v4/products/${BINARLY_PRODUCT_ID}/images:upload"

Response

Returns the created image object, confirming the scan has started. 
{
  "id": "img_abc123",
  "name": "My Firmware Image",
  "version": "1.0.0",
  "createTime": "2026-01-28T12:00:00Z",
  "scans": [
    {
      "id": "scan_xyz789",
      "latestScanState": {
        "type": "new"
      }
    }
  ]
}