Skip to main content

I am using the REST API to upload images to Miro automatically, but I can only figure out how to do this from a public server. I’d like to know if it’s possible to do this while keeping the data completely private. 

I am doing a data science project where I am automatically generating reports for sports players based on their performance data. I am generating the reports on Miro so that my client can edit them before exporting to pdf. I have a large number of plots, which I need to put on Miro automatically when a python script is run. My script works great when I use publicly accessible URLs on my personal website, but now we’re starting to work with sensitive data, so that’s not ideal. I know it’s unlikely that anyone is going to find unlisted images on a tiny website, but I need to be able to reassure my client that their data is very safe. Hence my search for a way to use a private server.

Initially I tried uploading from my hard drive, but this turned out not to be possible (unless I missed something). I also tried creating a local server and uploading the files from there, but no luck. Shareable links from Google Drive didn’t work either. Today I tried using the Google Drive API to access the files, but I’m not succeeding so far. I know my credentials are working because I can access the files from my script, but Miro is not liking the link I gave it: 

{
  "type" : "error",
  "code" : "3.0802",
  "message" : "Uploading resource failed: Sorry, this URL is not supported",
  "status" : 400
}

To be honest, though, the link I gave it was a shareable one I got from the Google Drive GUI, just like the one I tried some time ago without the Drive API - so I doubt I’m actually even using my API credentials here. I’m very new to Google Cloud Services so I’m still pretty confused about how it all works. Maybe there’s a way to let the Miro API and Google Drive API talk to one another properly, but I don’t know enough to know where to look. 

I’m out of ideas now. Can anyone please assist me? I would very much appreciate it. 

Hi Lizelle, 

 

Have you seen this endpoint from our API? You should be able to use it to upload images directly to a Miro board from your local machine - Let me know if this would be something you could use!

https://developers.miro.com/reference/create-image-item-using-file-from-device


Just want to add that I’ve done some reading about publicly accessible links like those you’re given when you ask for a shareable link from an app. This page was very helpful: https://www.varonis.com/blog/the-dangers-of-shared-links. It seems like if I use GUIDs to make my urls really hard to guess and make sure that search engines aren’t allowed to index the directory where I put the files, then the data would be about as safe/not safe as it would be if I used shareable google drive links. I’ll ask my client if this is good enough for him, but first prize will still be to upload from local storage or use some sort of authentication. 


Reply