Signed URLs
Instructions for importing your cloud-hosted data to Labelbox via presigned URLs.
As an alternative to IAM delegated access, you can use signed URLs (also known as presigned URLs or shared access signatures) to add datasets to Labelbox.
Signed URLs
Signed URLs permit access to resources without requiring updates to policies or other configuration settings.
A signed URL include a hash value that authenticates access requests. In general, signed URLs are valid for limited periods of time. Access to the resource is denied without the hash value; acces is also denied once the hash value expires.
Some cloud providers let you limit signed URLs to specific IP addresses or address blocks.
The hash value is generated by server hosting the file. Each provider provide multiple ways to generate signed URLs.
Here's an example of a signed URL:
http://example.com/filename?hash=DMF1ucDxtqgxwYQ==
Here, the value of the hash
parameter is a access token originally generated by the server hosting the file.
Generate signed URLs
The steps for generating signed hashes vary by the cloud provider. To learn more, see one of the following:
- Amazon Web Services (AWS) Simple Storage Service (S3):
- Working with presigned URLs (AWS docs)
- Sharing objects with presigned URLs (AWS docs)
- Google Cloud Storage:
- Signed URLs (Google Cloud docs)
- Microsoft Azure Storage:
If you're using a different cloud provider or storage service, consult the relevant docs for help generating signed URLs.
Related info
- To learn more about IAM delegated access, see Cloud storage integrations.
- To allow Labelbox to access your data rows, add the server addresses to your allow list.
- For help setting up cross origin resource sharing (CORS), see Configure CORS.
- See Webhooks to learn how to set up and manage an endpoint for Labelbox.
Updated 28 days ago